Lucene search
K

5 matches found

OSV
OSV
added 2026/05/07 5:6 a.m.7 views

MGASA-2026-0116 Updated opam packages fix security vulnerability

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. CVE-2026-41082...

7.8CVSS6.2AI score0.00205EPSS
Exploits0References3
Mageia
Mageia
added 2026/05/07 5:6 a.m.15 views

Updated opam packages fix security vulnerability

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. CVE-2026-41082...

7.8CVSS6.2AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/04/02 6:7 p.m.3 views

CVE-2026-34726 Copier `_subdirectory` allows template root escape via parent-directory traversal

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when...

4.4CVSS5.9AI score0.00383EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/02 6:7 p.m.22 views

CVE-2026-34726 Copier `_subdirectory` allows template root escape via parent-directory traversal

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when...

4.4CVSS0.00383EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/01 10:28 p.m.8 views

Copier `_subdirectory` allows template root escape via parent-directory traversal

Summary Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when selecting the template root. As a result, a template can escape its own directory and ma...

4.4CVSS5.9AI score0.00383EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder