14 matches found
EUVD-2024-3298
Malicious code in bioql PyPI...
The vulnerability of the Safearchive library for processing tar and zip archives lies in its uncontrolled search path element, which allows attackers to escalate their privileges.
The vulnerability of the Safearchive library for processing tar and zip archives is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
SUSE CVE-2024-10389
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
Path Traversal
Safearchive is vulnerable to a Path Traversal. The vulnerability is due to the handling of archive extractions on case-insensitive filesystems e.g., NTFS, which allows attackers to write arbitrary files by using symbolic links in the archive...
GO-2024-3251 Safearchive Path Traversal vulnerability in github.com/google/safearchive
Safearchive Path Traversal vulnerability in github.com/google/safearchive...
GHSA-Q3RP-VVM7-J8JG Safearchive Path Traversal vulnerability
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
Safearchive Path Traversal vulnerability
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
CVE-2024-10389
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
CVE-2024-10389
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
CVE-2024-10389 Path Traversal in Safearchive
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
CVE-2024-10389
CVE-2024-10389 describes a path-traversal in Safearchive on platforms with case-insensitive filesystems (e.g., NTFS) that allows an attacker to write arbitrary files via archive extraction containing symbolic links. The initial description provides affected conditions and a recommended fix: upgra...
CVE-2024-10389 Path Traversal in Safearchive
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems e.g., NTFS. This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc...
Google safearchive 安全漏洞
Google safearchive is a constructed security library for working with tar and zip archives from Google USA. A security vulnerability exists in Google safearchive, which stems from a path traversal on a case-insensitive file system, allowing an attacker to write to arbitrary files via an archive...
PT-2024-16238 · Unknown +1 · Safearchive +1
Name of the Vulnerable Software and Affected Versions: Safearchive versions prior to commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc Description: The issue is related to a Path Traversal vulnerability in Safearchive on platforms with case-insensitive filesystems, such as NTFS. This vulnerability...