40 matches found
EUVD-2023-0386
Malicious code in bioql PyPI...
EUVD-2023-12631
Malicious code in bioql PyPI...
MAL-2024-2189 Malicious code in down_load_ebook_jefferson_by_jean_claude_mourlevat_3k9y4 (npm)
--- -= Per source details. Do not edit below this line.=-...
jeffersondentalclinics.com Cross Site Scripting vulnerability OBB-3861347
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jeffersonyachtclub.com Cross Site Scripting vulnerability OBB-3851633
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
abi-ds-utils (=1.0.1), airflow-add-ons (=0.2.9b1) +14 more potentially affected by CVE-2023-51702 via apache-airflow (>=2.3.2 <=2.5.3)
apache-airflow PYPI version =2.3.2, =0.8.2, =0.1.0, =0.1.20, =2.3.0.dev0, =0.0.37, =0.1.0, =0.1.2, =2.4.3, =0.1.0, =0.10.0.1 and more Source cves: CVE-2023-51702 Source advisory: OSV:GHSA-MG2X-MGGJ-6955...
airflow-clickhouse-plugin (>=1.1.0 <=1.1.0rc2), airgoodies (>=0.0.1a0 <=0.0.4) +6 more potentially affected by CVE-2023-49920 via apache-airflow (>=2.7.1 <=2.7.3)
apache-airflow PYPI version =2.7.1, =1.1.0, =0.0.1a0, =0.1.30, =0.0.1, =0.1.0, =1.2.0, =1.3.4, =1.3.5 Source cves: CVE-2023-49920 Source advisory: OSV:GHSA-6M9R-7WRX-XMR6...
armada-airflow (=0.5.4), jefferson-street-composer (>=1.2.0 <=1.7.1) potentially affected by CVE-2023-45348 via apache-airflow (=2.7.1)
apache-airflow PYPI version =2.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow and may be impacted: - armada-airflow =0.5.4 - jefferson-street-composer =1.2.0, =1.7.1 Source cves: CVE-2023-45348 Source advisory: OSV:GHSA-FPXX-XV4C-GX...
armada-airflow (=0.5.4), jefferson-street-composer (>=1.2.0 <=1.7.1) potentially affected by CVE-2023-45348 via apache-airflow (=2.7.1)
apache-airflow PYPI version =2.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow and may be impacted: - armada-airflow =0.5.4 - jefferson-street-composer =1.2.0, =1.7.1 Source cves: CVE-2023-45348 Source advisory: OSV:PYSEC-2023-204...
SUSE CVE-2022-4885
A vulnerability has been found in sviehb jefferson up to 0.3 and classified as critical. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The...
CVE-2023-0592
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...
CVE-2023-0592
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...
Path traversal
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...
CVE-2023-0592
The CVE-2023-0592 entry affects the jefferson JFFS2 filesystem extractor. A path traversal vulnerability allows crafting malicious JFFS2 files to cause writes outside the extraction directory. Affected versions are prior to 0.4.1. Mitigation: update to 0.4.1 or later; as a temporary workaround, r...
CVE-2023-0592 Path traversal in jefferson
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...
CVE-2023-0592 Path traversal in jefferson
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...
PT-2023-16389 · Jefferson · Jefferson
Name of the Vulnerable Software and Affected Versions: jefferson versions prior to 0.4.1 Description: A path traversal issue affects jefferson's JFFS2 filesystem extractor. Attackers can craft malicious JFFS2 files to force jefferson to write outside of the extraction directory. Recommendations:...
jefferson 路径遍历漏洞
Jefferson is a JFFS2 filesystem extraction tool by the individual developer Stefan Viehböck. A security vulnerability exists in versions of jefferson prior to 0.4.1. An attacker can exploit this vulnerability by crafting malicious JFFS2 files that can be used to write arbitrary files outside of t...
GHSA-7JRW-P8JC-V6QW sviehb/jefferson vulnerable to path traversal
A vulnerability has been found in the sviehb/jefferson JFFS2 filesystem extraction tool. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. Upgrading to version 0.4 is able to address this issu...
sviehb/jefferson vulnerable to path traversal
A vulnerability has been found in the sviehb/jefferson JFFS2 filesystem extraction tool. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. Upgrading to version 0.4 is able to address this issu...