15 matches found
PT-2026-50789
Name of the Vulnerable Software and Affected Versions OneDev versions prior to 15.0.7 Description An arbitrary file write issue exists due to symlink path traversal. The TarUtils.untar function creates symbolic links using the getLinkName TAR entry without validating if the target is an absolute...
CVE-2026-1464
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...
EUVD-2026-4716
Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...
CVE-2026-1464
CVE-2026-1464 describes an Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager, specifically in the tar utilities (app/src/main/java/org/apache/commons/compress/archivers/tar modules, TarUtils.Java). The issue affects AppManager versions before 4.0.4. Connected records reiter...
App Manager security vulnerability
App Manager is an Android package manager and viewer developed by Muntashir Al-Islam as a personal project. Versions of App Manager prior to 4.0.4 contained security vulnerabilities, which were caused by integer overflows or circular errors in the TarUtils.Java files...
EUVD-2021-8634
Malicious code in bioql PyPI...
CVE-2025-0851
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...
CVE-2025-0851 Path traversal issue in Deep Java Library
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...
CVE-2025-0851
CVE-2025-0851 affects Deep Java Library (DJL): the unzip (ZipUtils) and untar (TarUtils) extraction utilities contain a path traversal flaw that can cause artifacts to be written outside the intended destination when extracting archives. Affected versions are DJL 0.1.0 through 0.31.0; the issue i...
CVE-2025-0851 Path traversal issue in Deep Java Library
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library DJL on all platforms allows a bad actor to write files to arbitrary locations...
Theonedev OneDev Directory Traversal Vulnerability
Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev Onedev versions prior to...
CVE-2021-21251
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint untars user controlled data from the request body using TarUtils. TarUtils is a custom library...
Design/Logic Flaw
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint untars user controlled data from the request body using TarUtils. TarUtils is a custom library...
CVE-2021-21251 ZipSlip Arbitrary File Upload
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3 there is a critical "zip slip" vulnerability. This issue may lead to arbitrary file write. The KubernetesResource REST endpoint untars user controlled data from the request body using TarUtils. TarUtils is a custom library...
Theonedev Onedev 路径遍历漏洞
Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev Onedev versions prior to...