7 matches found
AZL-79532 CVE-2026-27139 affecting package golang 1.18.8-10
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...
CVE-2026-27139
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...
AZL-75014 CVE-2025-71176 affecting package pytest 7.4.0-2
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...
Malicious plugin names, recipients, or identities can cause arbitrary binary execution
A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided through an attacker-controlled input to the following age APIs when the plugin feature flag is enabled: - age::plugin::Identity::fromstr or equivalently str::parse:: ...
Updated e2fsprogs packages fix security vulnerability
Updated e2fsprogs packages fix security vulnerability: A code execution vulnerability in the directory rehashing functionality CVE-2019-5188. For other fixes in this update, see the referenced release info...
CVE-2017-11421
Removed by vendor...
Brio Unix Directory Traversal
The Brio web application interface has a directory traversal in the component SPDX-FileCopyrightText: 2003 Chris Foster Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only v. 1.00 last upda...