159 matches found
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : permissions (SUSE-SU-2022:3353-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3353-1 advisory. - CVE-2022-31252: Fixed chkstat group controlled paths bsc1203018. Tenable has extracted the preceding...
openSUSE 15 Security Update : permissions (openSUSE-SU-2022:10128-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10128-1 advisory. - A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap...
PYSEC-2022-43179
Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. git config. These commands are being executed using the executable’s name and not its absolute path. This can lead to the execution of untrusted code due to th...
CVE-2022-36070
Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. git config. These commands are being executed using the executable’s name and not its absolute path. This can lead to the execution of untrusted code due to th...
PT-2022-23158 · Poetry · Poetry
Name of the Vulnerable Software and Affected Versions: Poetry versions prior to 1.1.9 Poetry versions prior to 1.2.0b1 Description: The issue arises from Poetry executing commands like git config using the executable's name instead of its absolute path. This can lead to the execution of untrusted...
Poetry 代码问题漏洞
Poetry is a tool for dependency management and packaging in Python. It allows you to declare the libraries on which your project depends and will manage install/update them for you. A code issue vulnerability exists in Poetry versions prior to 1.1.9 and prior to 1.2.0b1 that stems from the...
CVE-2022-31252
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...
CVE-2022-0855
Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...
SUSE-SU-2021:3553-1 Security update for Salt
This update fixes the following issues: salt: - Support querying for JSON data in external sql pillar - Exclude the full path of a download URL to prevent injection of malicious code bsc1190265, CVE-2021-21996 - Fix wrong relative paths resolution with Jinja renderer when importing subdirectories...
CVE-2021-37712 Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
The npm package "tar" aka node-tar before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achiev...
Design/Logic Flaw
dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory...
Directory Traversal
rack-cors is vulnerable to directory traversal. The vulnerability exists as it does not escape nor resolve the path before evaluating the resource rules, allowing access to files outside the /public folder...
Pulp Arbitrary File Overwrite Vulnerability
Pulp is a free and open source repository platform for managing content. The platform supports pushing content from software packages to consumers. An arbitrary file overwrite vulnerability exists in Pulp version 2.16.x. The vulnerability stems from the program failing to properly resolve paths a...
GHSA-4VCM-QFXH-P6C3 Directory Traversal in getcityapi.yoehoehne
Affected versions of getcityapi.yoehoehne resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable syste...
PHP 7.0.x < 7.0.12 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.12. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the SimpleXMLElement::asXML function within file ext/simplexml/simplexml.c. An unauthenticate...
Sudo sudoedit Local Command Privilege Escalation Vulnerability
Sudo contains a vulnerability that could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability exists due to an error in the affected software while matching commands due to incorrect path resolution. A local attacker with privileges to...
FreeBSD : sudo -- Privilege escalation with sudoedit (1a9f678d-48ca-11df-85f8-000c29a67389)
Todd Miller reports : Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a './' prefix to commands found in the current working directory. This creates an ambiguity between a 'sudoedit'...
sudo -- Privilege escalation with sudoedit
Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...
DEBIAN-CVE-2009-2813
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote...