17 matches found
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
PYSEC-2026-27
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...
CVE-2026-33430
Summary of CVE-2026-33430 and related advisory : The connected OSV/GHSA entries describe a Windows MSI installerPrivilege Escalation in Briefcase when used to create per-machine (All Users) installations. The installation process can create a directory that inherits the permissions of its parent,...
Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...
GHSA-R3R2-35V9-V238 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions
Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...
PT-2026-27282
Name of the Vulnerable Software and Affected Versions Briefcase versions 0.3.0 through 0.3.25 Description Briefcase, a tool for converting Python projects into standalone native applications, has an issue where the installation process for Windows MSI installers, when set to install for All Users...
CVE-2024-29188
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's RemoveFolderEx functionality could allow a standard user to delete protected directories. RemoveFolderEx deletes an entire directory tree during installation or...
GHSA-JX4P-M4WM-VVJG Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated files
Summary The custom action behind WiX's RemoveFolderEx functionality could allow a standard user to delete protected directories. Details RemoveFolderEx deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified...
PT-2024-4137 · Unknown · Wix Toolset
Name of the Vulnerable Software and Affected Versions: WiX Toolset versions prior to 3.14.1 WiX Toolset versions prior to 4.0.5 Description: The custom action behind WiX's RemoveFolderEx functionality could allow a standard user to delete protected directories. RemoveFolderEx deletes an entire...
Validator CLI Tool Fails to Process VMs in Per-machine backup with separate metadata files
Challenge When attempting to use the Veeam Backup Validator command-line tool to validate the VMs contained within a job that was using the Per-machine backup with separate metadata files aka True Per-VM backup chain format, the Veeam Backup Validator tool throws the error: Cannot find last point...
Veeam PowerShell cmdlets to help Automate Backup Copy Backup Format Upgrade
This article provides information about using Veeam PowerShell to automate the procedure of upgrading Legacy Periodic Backup Copy jobs to use the new True Per-Machine backup format. These PowerShell commands can be used to simplify the Backup Chain Format upgrade process...
Scale-Out Backup Repository Free Space Calculation
Challenge Jobs running to a Scale-Out Backup Repository report "No scale-out repository extents have sufficient disk space to store the backup file, " even though some of the extents have adequate free space. Cause At the beginning of a job, if no other jobs are running, Veeam Backup & Replicatio...