4 matches found
Goutil vulnerable to path traversal when unzipping files
Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...
Lancet vulnerable to path traversal when unzipping files
Impact What kind of vulnerability is it? Who is impacted? ZipSlip issue when use fileutil package to unzip files. Patches Has the problem been patched? What versions should users upgrade to? It will fixed in v2.1.10, Please upgrade version to v2.1.10 or above. Users who use v1.x.x should upgrade...
Design/Logic Flaw
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...
Directory Traversal
ZIPFoundation is vulnerable to Directory Traversal. This is due to improper sanitisation of the destination URL when unzipping files. An attacker can thus craft a malicious .zip file to install and delete files in unwanted location...