CVE-2025-64712

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitra...

CVE-2025-64712 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitra...

Unstructured 安全漏洞

Unstructured is an open-source preprocessing tool for unstructured data developed by Unstructured. Versions of Unstructured prior to 0.18.18 contained a security vulnerability due to a path traversal vulnerability in the partitionmsg function. This vulnerability could allow arbitrary files to be...

Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

A Path Traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

PT-2026-5943

Name of the Vulnerable Software and Affected Versions Unstructured versions prior to 0.18.18 Description The Unstructured library, used for ingesting and pre-processing various document types like PDFs, HTML, Word documents, and images, contains a path traversal vulnerability in the partition msg...

Directory Traversal

Overview unstructured is an A library that prepares raw documents for downstream ML tasks. Affected versions of this package are vulnerable to Directory Traversal via the partitionmsg function’s handling of attachment filenames in email MSG files. An attacker can exploit this vulnerability by...

AZL-31969 CVE-2022-25891 affecting package kured for versions less than 1.13.2-1

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service DoS via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages...

CVE-2022-25891

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service DoS via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages...

shoutrrr 安全漏洞

shoutrrr is based on the JavaScript notification library. A security vulnerability exists in shoutrrr prior to version 0.6.0, which stems from a Denial of Service DoS vulnerability in package github.com/containrrr/shoutrrrr/pkg/util prior to version 0.6.0 via the util.PartitionMessage function. T...

Denial of Service (DoS)

Overview github.com/containrrr/shoutrrr/pkg/util is a notification library for gophers. Affected versions of this package are vulnerable to Denial of Service DoS via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters...