EUVD-2023-0790

Malicious code in bioql PyPI...

CVE-2023-25307

nothub mrpack-install = v0.16.2 is vulnerable to Directory Traversal...

GO-2023-1543 mrpack-install vulnerable to path traversal with dependency in github.com/nothub/mrpack-install

mrpack-install vulnerable to path traversal with dependency in github.com/nothub/mrpack-install...

Path Traversal

github.com/nothub/mrpack-install is vulnerable to Path Traversal. The vulnerability exists because it does not properly validate downloaded files for subpaths, which allows an attacker to access files outside the restricted directory...

CVE-2023-25307

nothub mrpack-install = v0.16.2 is vulnerable to Directory Traversal...

Directory traversal

nothub mrpack-install = v0.16.2 is vulnerable to Directory Traversal...

CVE-2023-25307

CVE-2023-25307 affects the command‑line tool nothub/mrpack-install, specifically versions

CVE-2023-25307

nothub mrpack-install = v0.16.2 is vulnerable to Directory Traversal...

mrpack-install 路径遍历漏洞

mrpack-install is a cli application for installing Minecraft servers and Modrinth modpacks by Florian H. Individual developer. A security vulnerability exists in mrpack-install version 0.16.2 and earlier versions, which stems from the presence of a path traversal vulnerability...

mrpack-install vulnerable to path traversal with dependency

Impact Importing a malicious .mrpack file can cause path traversal while downloading files. This can lead to scripts or config files being placed or replaced at arbitrary locations, without the user noticing. Patches No patches yet. Workarounds Avoid importing .mrpack files from untrusted sources...