
21 matches found

OSV
added 4 days ago, 5 views

PYSEC-2026-386 pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint

A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the pluginserver, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path...

CVSS 9.1 · AI score 7.7 · EPSS 0.01307
Exploits 1 · References 8
Cvelist
added 2026/06/08 3:20 p.m., 39 views

CVE-2026-49755 Decompression bomb DoS in Req via auto-decoded archive and compressed response bodies

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb response bodies. Req's default response pipeline includes Req.Steps.decode_body/1 and...

CVSS 8.2 · EPSS 0.00438
Exploits 0 · References 4
ATTACKERKB
added 2026/06/08 3:20 p.m., 5 views

CVE-2026-49755

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb response bodies. Req's default response pipeline includes Req.Steps.decode_body/1 and...

CVSS 8.2 · AI score 5.5 · EPSS 0.00438
Exploits 0 · References 5 · Affected Software 1
CVE
added 2026/05/28 8:56 p.m., 52 views

CVE-2026-44885

Portainer Portainer Community Edition is affected by a directory traversal in the backup archive extraction path. The vulnerable code path is ExtractTarGz in api/archive/targz.go, which builds output paths via filepath.Clean(filepath.Join(outputDirPath, header.Name)). A tar entry like ../../etc/c...

CVSS 5.5 · AI score 5.9 · EPSS 0.00606
Exploits 1 · References 2 · Affected Software 1
NVD
added 2026/05/15 3:16 p.m., 16 views

CVE-2026-46483

Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the...

CVSS 7 · EPSS 0.00552
Exploits 0 · References 3
Cvelist
added 2026/05/15 2:57 p.m., 52 views

CVE-2026-46483 Vim: Command injection in tar#Vimuntar via missing shellescape {special} flag

Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the...

CVSS 3.6 · EPSS 0.00552
Exploits 0 · References 3
Vulnrichment
added 2026/05/11 12:00 a.m., 10 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions (XML Bo...

AI score 5.8 · EPSS 0.00278
Exploits 0 · References 2
Cvelist
added 2026/05/11 12:00 a.m., 31 views

CVE-2026-31248

Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks through 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions (XML Bo...

EPSS 0.00278
Exploits 0 · References 2
ATTACKERKB
added 2026/03/18 10:03 p.m., 2 views

CVE-2026-32731

ApostropheCMS is an open-source content management framework. Prior to version 3.5.3 of @apostrophecms/import-export, the extract function in gzip.js constructs file-write paths using fs.createWriteStream(path.join(exportPath, header.name)). path.join does not resolve or sanitise traversal segments...

CVSS 9.9 · AI score 5.6 · EPSS 0.00432
Exploits 1 · References 2 · Affected Software 1
CVE
added 2026/03/18 10:03 p.m., 15 views

CVE-2026-32731

CVE-2026-32731 affects ApostropheCMS via the @apostrophecms/import-export gzip extractor. The extract(filepath, exportPath) uses fs.createWriteStream(path.join(exportPath, header.name)) without sanitising path traversal, allowing Zip Slip if a crafted .tar.gz is uploaded by a user with Global Con...

CVSS 9.9 · AI score 5.6 · EPSS 0.00432
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2026/03/11 7:05 p.m., 26 views

CVE-2026-31894 WeGIA affected by arbitrary file read via symlink in backup restore

WeGIA is a web manager for charitable institutions. In 3.6.5, the patched loadBackupDB extracts tar.gz archives to a temporary directory using PHP's PharData class, then uses glob and file_get_contents to read SQL files from the extracted contents. Neither the extraction nor the file reading...

CVSS 6.9 · EPSS 0.00414
Exploits 1 · References 2
Vulnrichment
added 2026/02/24 3:32 a.m., 3 views

CVE-2026-3067 HummerRisk Archive Extraction CommandUtils.java extractZip path traversal

A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal...

CVSS 6.5 · AI score 5 · EPSS 0.00491
Exploits 1 · References 4
EUVD
added 2026/02/24 3:32 a.m., 6 views

EUVD-2026-7396

A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal...

CVSS 8.8 · AI score 5 · EPSS 0.00491
Exploits 1 · References 4
ATTACKERKB
added 2026/02/24 3:32 a.m., 6 views

CVE-2026-3067

A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal...

CVSS 6.5 · AI score 5 · EPSS 0.00491
Exploits 1 · References 4
NVD
added 2026/02/11 6:16 p.m., 12 views

CVE-2025-69874

nanotar through 0.2.0 has a path traversal vulnerability in parseTar and parseTarGzip that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence...

CVSS 9.8 · EPSS 0.00841
Exploits 2 · References 3
vulnersOsv
added 2026/01/20 1:45 a.m., 10 views

org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-23950 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)

org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-23950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15038582...

CVSS 8.8 · AI score 6.1 · EPSS 0.00233
Exploits 1
Mageia
added 2026/01/11 1:07 a.m., 12 views

Updated zlib packages fix security vulnerability

zlib = 1.3.1.2 untgz Global Buffer Overflow in TGZfname. CVE-2026-22184...

CVSS 8.6 · AI score 6.8 · EPSS 0.0035
Exploits 0 · References 2
CVE
added 2025/11/26 12:32 a.m., 9 views

CVE-2025-66251

CVE-2025-66251 affects DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter family (versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000). Unauthenticated attacker can exploit an issue in the deletehidden parameter to perform path traversal, resulting in deletion of arbitra...

CVSS 9.1 · AI score 6.7 · EPSS 0.00426
Exploits 1 · References 1 · Affected Software 1
CNNVD
added 2024/10/11 12:00 a.m., 4 views

Extract security vulnerability

Extract is a Go library open-sourced by codeclysm. It is used to extract archives in zip, tar.gz or tar.bz2 format. A security vulnerability exists in Extract versions prior to 4.0.0, which stems from a maliciously constructed archive file that allows an attacker to create symbolic links outside ...

CVSS 7.5 · AI score 7.9 · EPSS 0.00534
Exploits 0 · References 3
Positive Technologies
added 2014/06/20 12:00 a.m., 5 views

PT-2014-5359 · Red Hat · Openshift Origin +1

Name of the Vulnerable Software and Affected Versions: OpenShift Origin and Enterprise versions 1.2.8 through 2.1.1 Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with certain file extensions in a cartridge manifest fil...

CVSS 10 · AI score 7 · EPSS 0.05085
Exploits 0 · References 7