2 matches found
GHSA-58PV-8J8X-9VJ2 jaraco.context Has a Path Traversal Vulnerability
Summary There is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The...
USN-4123-1 npm/fstream vulnerability
It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write aritrary files to the filesystem...