14 matches found
Astra Linux - уязвимость в unrar-nonfree
UnRAR before version 6.2.3 allowed extraction of files outside of the destination folder using symlink chains...
EUVD-2026-10425
Shescape is a simple shell escape library for JavaScript. Prior to 2.1.9, an attacker may be able to bypass escaping for the shell being used. This can result, for example, in exposure of sensitive information. This impacts users of Shescape that configure their shell to point to a file on disk...
CVE-2026-24047
Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is...
Linux Distros Unpatched Vulnerability : CVE-2022-48579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. CVE-2022-48579 Note that Nessus relies on the presence of th...
Debian dla-3535 : libunrar-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3535 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3535-1 [email protected] https://www.debian.org/lts/security/...
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
...
SUSE CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
DEBIAN-CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
AZL-27870 CVE-2022-48579 affecting package clamav for versions less than 0.105.2-2
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
UBUNTU-CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
CVE-2022-48579
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains...
DEBIAN-CVE-2020-29529
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0...