8 matches found
CVE-2026-12958
Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously crafted symlink that resolves to a file path outside the workspace trust boundary. To remediate...
The vulnerability of Engrampa archiver, related to the improper restriction of the path to the limited catalog, allows attackers to upload files to any location within the system.
The vulnerability of Engrampa archiver lies in the lack of checks for the location of symbolic links, which allows arbitrary writing of files to unintended locations. Exploiting this vulnerability could enable a malicious actor to upload files to arbitrary locations within the system...
SUSE CVE-2017-1000115
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...
CVE-2017-1000115
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...
DEBIAN-CVE-2017-1000115
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...
UBUNTU-CVE-2017-1000115
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...
PYSEC-2017-88
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...
Design/Logic Flaw
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...