22 matches found
mat2 路径遍历漏洞
mat2 is a metadata removal tool by the individual developer of jvoisin. A path traversal vulnerability exists in versions of mat2 prior to 0.13.0, which stems from a vulnerability that allows traversal during ZIP archive cleanup of the ... / directory during ZIP archive cleanup. An attacker could...
mat2 -- directory traversal/arbitrary file read during ZIP file processing
mat2 aka metadata anonymisation toolkit before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive...