3 matches found
CVE-2026-6968
CVE-2026-6968 affects awslabs/tough prior to tough-v0.22.0 (and related tuftool). The vulnerability arises from incomplete path traversal fixes, where write operations join the destination path before containment verification, enabling remote authenticated users with delegated signing authority t...
console 路径遍历漏洞
console is an application by Grayson Groshong Individual Developer. A path traversal vulnerability exists in console versions prior to 2.8.0, which stems from a path traversal that could result in a write to a non-target directory...
CVE-2025-8023 Path Traversal in Template Upload Allows Uploading Files Outside Target Directory
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...