6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-25707
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to...
CVE-2026-34242
Weblate is a web based localization tool. In versions prior to 5.17, the ZIP download feature didn't verify downloaded files, potentially following symlinks outside the repository. This issue has been fixed in version 5.17...
Linux Distros Unpatched Vulnerability : CVE-2026-24686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-tuf is a Go implementation of The Update Framework TUF. go-tuf's TAP 4 Multirepo Client uses the map file repository name string repoName as a filesystem pat...
EUVD-2020-30488
Malware in sbrugna...
gix traversal outside working tree enables arbitrary code execution
Summary During checkout, gitoxide does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. Details Although gix-worktree-state checks for collisions with existing files, it does not...
yum-utils: reposync: improper path validation may lead to directory traversal
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path...