EUVD-2021-1834

Malware in sbrugna...

EUVD-2015-3353

Malicious code in bioql PyPI...

Medium: python3.11-pip

Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...

UBUNTU-CVE-2024-55459

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the getfile function...

Cauldron Development cbang 路径遍历漏洞

Cauldron Development cbang is a C++ utility library from Cauldron Development. A security vulnerability exists in Cauldron Development cbang bastet-v8.1.17 and earlier, which stems from the presence of directory traversal. An attacker can exploit this vulnerability to create or write files outsid...

CVE-2023-31483

tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the attacker to create or write to files outside the current directory via a crafted tar archive...

CVE-2016-2554

Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TAR archive...