4 matches found
uutils coreutils 安全漏洞
uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability stems from the mkdir utility incorrectly applying permissions when using the -m flag. It first uses umask to derive directory permissions a...
PT-2026-34489
Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The mkdir utility incorrectly applies permissions when the -m flag is used. The utility creates a directory with umask-derived permissions typically 0755 and then changes them to the...
CVE-2025-7647 Insecure Temporary File Handling in run-llama/llama_index
The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...
PT-2024-9750 · Unknown +1 · Async Http Client +1
Name of the Vulnerable Software and Affected Versions: AsyncHttpClient versions prior to 3.0.1 Description: The AsyncHttpClient library has an issue where the automatically enabled and self-managed CookieStore silently replaces explicitly defined Cookies with any that have the same name from the...