GHSA-GF2C-JWCJ-X929 vlt Mishandles Path Sanitization for tar

vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...

CVE-2026-24909

vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...

CVE-2026-24909

CVE-2026-24909 concerns the vlt project: vulnerable in versions before 1.0.0-rc.10 due to improper path sanitization in tar extraction, enabling path traversal. In practice, a tar archive with crafted file paths could lead to extraction of files outside the target directory, as described in multi...

CVE-2026-24909

vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...

vlt security vulnerabilities

Vlt is a code repository open-sourced by Vlt. Versions of Vlt prior to 1.0.0-rc.10 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the tar path cleanup, which could lead to path traversal during extraction...

EUVD-2023-31803

Malicious code in bioql PyPI...

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

Information disclosure

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

CVE-2023-28078

CVE-2023-28078 affects Dell OS10 Networking Switches versions 10.5.2.x and above . A vulnerability in the zeroMQ component when VLT is configured allows a remote unauthenticated attacker to cause information disclosure and potential Denial of Service by sending a large volume of requests. The iss...

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

CVE-2023-39248

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption Denial of Service vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network...

Design/Logic Flaw

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption Denial of Service vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network...

CVE-2023-39248

Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption Denial of Service vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network...

CVE-2023-39248

Dell OS10 Networking Switches running 10.5.2.x and above are affected by an Uncontrolled Resource Consumption (Denial of Service) vulnerability when VLT and VRRP are configured. A remote unauthenticated attacker can flood the network, causing outages for legitimate users. Impact is high availabil...