12 matches found
OpenViking contains a Path Traversal vulnerability
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
Directory Traversal
Overview openviking is an An Agent-native context database Affected versions of this package are vulnerable to Directory Traversal through the import process when handling .ovpack files. An attacker can overwrite or create arbitrary files outside the intended directory by crafting malicious ZIP...
GHSA-RPQR-J937-6QR9 OpenViking contains a Path Traversal vulnerability
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2026-28518
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2026-28518
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2026-28518
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
EUVD-2026-9296
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2026-28518
OpenViking versions 0.2.1 and earlier are affected by a path traversal vulnerability in the .ovpack import handling. Malicious ZIP archives containing traversal sequences, absolute paths, or drive prefixes in member names can write files outside the intended import directory with the importing pr...
CVE-2026-28518 OpenViking .ovpack Import ZIP Slip Path Traversal
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2026-28518 OpenViking .ovpack Import ZIP Slip Path Traversal
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
PT-2026-22744
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
OpenViking 安全漏洞
OpenViking is an open-source artificial intelligence agent-based context database developed by Volcengine. Versions of OpenViking prior to 0.2.1 contained security vulnerabilities. These vulnerabilities were due to path traversal issues during the .ovpack import process, which could allow attacke...