PT-2024-10802 · Dotmesh · Dotmesh
Name of the Vulnerable Software and Affected Versions: Dotmesh versions 0.8.1 and prior Description: The issue is related to the unsafe handling of symbolic links in an unpacking routine, which may enable attackers to read and/or write to arbitrary locations outside the designated target folder...