Lucene search
+L

41 matches found

NVD
NVD
added 2026/07/08 4:16 p.m.11 views

CVE-2026-59875

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS0.00291EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 12:38 p.m.9 views

CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Fixed a regression issue related to native SMB symbolic links. Some users and customers reported that their backup/copy tools began to fail when the directory being copied contained symbolic link targets that the...

5.5CVSS6AI score0.00138EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.14 views

PT-2026-33550

Name of the Vulnerable Software and Affected Versions compressing versions prior to 1.10.5 compressing versions prior to 2.1.1 Description A patch bypass exists in the isPathWithinParent function located in lib/utils.js. The issue stems from a divergence between logical string validation and the...

8.4CVSS6.5AI score0.0024EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/04/10 2:24 p.m.3 views

os: FileInfo can escape from a Root in golang os module

A path traversal flaw has been discovered in the golang os module. On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to...

2.5CVSS6.1AI score0.00201EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/09 11:0 a.m.3 views

os: FileInfo can escape from a Root in golang os module

A path traversal flaw has been discovered in the golang os module. On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to...

2.5CVSS6.1AI score0.00201EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.10 views

PT-2026-24607

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/07 12:30 a.m.7 views

EUVD-2026-10087

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

5.9AI score0.00201EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/03/07 12:25 a.m.6 views

SUSE CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

3.3CVSS5.9AI score0.00201EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root ...

2.5CVSS7.7AI score0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/03/06 10:16 p.m.9 views

AZL-79541 CVE-2026-27139 affecting package golang 1.25.7-1

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS7.5AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/03/06 10:16 p.m.6 views

AZL-79532 CVE-2026-27139 affecting package golang 1.18.8-10

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/03/06 10:16 p.m.9 views

AZL-79535 CVE-2026-27139 affecting package golang 1.22.7-5

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS7.5AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2026/03/06 10:16 p.m.1 views

DEBIAN-CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS8AI score0.00201EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/06 10:16 p.m.5 views

CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS7.3AI score0.00201EPSS
Exploits0References6
OSV
OSV
added 2026/03/06 10:16 p.m.5 views

UBUNTU-CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS5.9AI score0.00201EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/06 9:28 p.m.3 views

CVE-2026-27139 FileInfo can escape from a Root in os

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

5.9AI score0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/03/06 9:28 p.m.2 views

CVE-2026-27139 FileInfo can escape from a Root in os

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS6.9AI score0.00201EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/06 9:28 p.m.24 views

CVE-2026-27139 FileInfo can escape from a Root in os

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

0.00201EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/06 9:28 p.m.4 views

CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

2.5CVSS8.1AI score0.00201EPSS
Exploits0
Rows per page
Query Builder