GHSA-HR4R-FWPV-C95J pgAdmin 4 File Manager has symbolic-link path traversal

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw from 2026.3.22 to 2026.4.5 contained a security vulnerability. This vulnerability stemmed from the handling of symbolic link traversal in remote market repository paths, which could allow...

zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write

Summary The zrok WebDAV drive backend davServer.Dir restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a location outside that root, remote WebDAV consumers can read files and—on shares without...

Open Neural Network Exchange 安全漏洞

Open Neural Network Exchange is an open-source ecosystem developed by Open Neural Network Exchange. It enables AI developers to choose the appropriate tools as the project evolves. Versions of Open Neural Network Exchange prior to 1.21.0 contained a security vulnerability caused by symbolic link...

Podman Vulnerable to Arbitrary File Write via Symbolic Link Traversal in 'play.go' File

Podman contains a symbolic link traversal vulnerability when the kube play command is used with a 'ConfigMap' or secret volume mount. A remote attacker could exploit this by creating a malicious symbolic link on the volume in order to overwrite the contents of arbitrary files, however the attacke...

n8n 后置链接漏洞

n8n is a scalable workflow automation tool from the n8n open source. A security vulnerability exists in n8n versions prior to 1.106.0 that stems from the presence of symbolic link traversal in the Read/Write File node, which could lead to bypassing directory restrictions...

Symbolic Link Traversal

@modelcontextprotocol/server-filesystem is vulnerable to Symbolic Link Traversal. The vulnerability is due to insufficient validation of symbolic links within allowed directories, which allows an attacker to access unintended files by leveraging symlinks to bypass directory restrictions...

CBL Mariner 2.0 Security Update: rsync (CVE-2024-12747)

The version of rsync installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12747 advisory. - A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symboli...

CVE-2024-12747

A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass...

cri-o: malicious container can create symlink on host

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal “../“. This flaw allows the container to read and write to arbitrary files on the host system...

RHEL 8 : unbound (RHSA-2022:0632)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0632 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: integer overflow in the...

unbound: symbolic link traversal when writing PID file

A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...

SUSE-SU-2022:0176-2 Security update for unbound

This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack bsc1185382. - CVE-2019-25032: Fixed integer overflow in the regional allocator via regionalalloc bsc1185383. - CVE-2019-25033...

SUSE: Security Advisory (SUSE-SU-2022:0176-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories

A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...

jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories

A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...

unbound security, bug fix, and enhancement update

1.7.3-15 - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz1714175 - Use system-wide crypto policy setting PROFILE=SYSTEM instead of custom setting - Resolves: rhbz1842837 - Enable additional logging in unbound - Resolves: rhbz1850460 - security hardenin...

CentOS 8 : unbound (CESA-2021:1853)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1853 advisory. - unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 - unbound: integer overflow in sldnsstr2wirednamebuforigin can...

unbound: symbolic link traversal when writing PID file

A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...