5 matches found
EUVD-2026-30559
Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...
AZL-34945 CVE-2013-4420 affecting package libtar for versions less than 1.2.20-11
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
AZL-6651 CVE-2013-4420 affecting package libtar for versions less than 1.2.20-8
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
DEBIAN-CVE-2013-4420
Multiple directory traversal vulnerabilities in the 1 tarextractglob and 2 tarextractall functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. dot dot in a crafted tar file...
PT-2014-2786 · None +1 · Libtar +1
Name of the Vulnerable Software and Affected Versions: libtar versions 1.2.20 and earlier Description: The issue concerns multiple directory traversal vulnerabilities in the tar extract glob and tar extract all functions. These vulnerabilities allow remote attackers to overwrite arbitrary files b...