3 matches found
EUVD-2026-4658
pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...
samba: Information leak via symlinks of existance of files or directories outside of the exported share
A vulnerability was found in Samba due to an insecure link following. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker can discover if a named or directory exists on the filesystem outside the exported share. This flaw allows a remote...
samba: Information leak via symlinks of existance of files or directories outside of the exported share
A vulnerability was found in Samba due to an insecure link following. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker can discover if a named or directory exists on the filesystem outside the exported share. This flaw allows a remote...