3 matches found
CVE-2024-12087 Rsync: path traversal vulnerability in rsync
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
GHSA-XR8X-PXM6-PRJG MITM based Zip Slip in `org.hl7.fhir.publisher:org.hl7.fhir.publisher`
Impact MITM can enable Zip-Slip. Vulnerability Vulnerability 1: Publisher.java There is no validation that the zip file being unpacked has entries that are not maliciously writing outside of the intended destination directory...
Authorization Bypass
ghostscript is vulnerable to authorization bypass. An attacker is able to bypass .tempfile restrictions to write files onto the system using malicious PostScript files...