Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2023/03/07 8:37 p.m.25 views

Goutil vulnerable to path traversal when unzipping files

Impact ZipSlip issue when use fsutil package to unzip files. When users use fsutil.Unzip to unzip zip files from a malicious attacker, they may be vulnerable to path traversal. Patches It has been fixed in v0.6.0, Please upgrade version to v0.6.0 or above. Workarounds No, users have to upgrade...

8.8CVSS8.3AI score0.00849EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/11/21 10:31 p.m.30 views

Lancet vulnerable to path traversal when unzipping files

Impact What kind of vulnerability is it? Who is impacted? ZipSlip issue when use fileutil package to unzip files. Patches Has the problem been patched? What versions should users upgrade to? It will fixed in v2.1.10, Please upgrade version to v2.1.10 or above. Users who use v1.x.x should upgrade...

8.8CVSS8.2AI score0.00793EPSS
Exploits1References7Affected Software2
Prion
Prion
added 2019/11/04 10:15 p.m.22 views

Design/Logic Flaw

An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...

3.6CVSS7AI score0.00309EPSS
Exploits0References2Affected Software2
Veracode
Veracode
added 2019/06/07 2:49 a.m.18 views

Directory Traversal

ZIPFoundation is vulnerable to Directory Traversal. This is due to improper sanitisation of the destination URL when unzipping files. An attacker can thus craft a malicious .zip file to install and delete files in unwanted location...

6.5AI score
Exploits0
Rows per page
Query Builder