Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/19 5:45 p.m.7 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the os.ReadFile function during direct lookups via resources.Get. An attacker can access arbitrary files outside the intended directory by placing a symlink inside a mounted directory that points to files outside the...

6.5CVSS6AI score0.00318EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 8:12 p.m.14 views

Hugo: Symlink confinement bypass in resources.Get

Commit: f8b5fa09a6 — Fix prevention of direct symlink reads in resources.Get Affected versions: v0.123.0 through v0.161.1. Earlier versions are not affected. Fixed in: v0.162.0. Severity: Medium. Requires the attacker to be able to place or convince a site author to place a symlink inside a mount...

6.9CVSS5.6AI score0.00275EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/08/25 5:39 p.m.3 views

CVE-2025-57802 Airlink's Daemon Symlink Vulnerability

Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory /app/data. Because the container bind-mounts an...

8.7CVSS6.8AI score0.0036EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Linux Kernel < 2.6.31-rc4 nfs4_proc_lock() Denial of Service

No description provided by source. Description of problem: execution of a particular program from the Arachne suite reliably causes a kernel panic due to a NULL-pointer dereference in nfs4proclock. Version-Release number of selected component if applicable: 2.6.18-164.2.1.el5 How reproducible:...

7.1AI score
Exploits0
Rows per page
Query Builder