openSUSE 16 Security Update : python-requests (openSUSE-SU-2026:20926-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20926-1 advisory. This update for python-requests fixes the following issue: - CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zi...

CVE-2026-50567 Fission: Zip Slip in pkg/utils/zip.go:Unarchive allows fetcher to write outside the destination directory

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, Unarchive in pkg/utils/zip.go joined each archive entry name with the destination directory via filepath.Join and wrote the result...

EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-2356)

According to the versions of the python-requests packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename...

EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-2313)

According to the versions of the python-requests packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename...

Security update for python-requests (moderate)

openSUSE security update: security update for python-requests ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20926-1 Rating: moderate References: bsc1260589 Cross-References: CVE-2026-25645 CVSS scores: CVE-2026-25645 SUSE : 5.5...

OPENSUSE-SU-2026:20926-1 Security update for python-requests

This update for python-requests fixes the following issue: - CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation bsc1260589...

SUSE-SU-2026:22055-1 Security update for python-requests

This update for python-requests fixes the following issue: - CVE-2026-25645: extractzippedpaths uses predictable filenames when extracting files from zip archives and reuses target files that already exist without validation bsc1260589...

CVE-2026-10621

CVE-2026-10621 : Path traversal (Zip Slip) in Collibra Agent during ZIP extraction allows a remote attacker to write arbitrary files outside the extraction directory via a crafted ZIP archive, notably through POST /rest/restore. Exploitation can lead to remote code execution when a malicious JSP ...

CVE-2026-10621

Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...

CVE-2026-10621 CVE-2026-10621

Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...

GHSA-HWC4-GMRW-5222 Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename

Summary filepath.Base on the Linux container does not strip backslashes , because \ is only a path separator on Windows. A multipart filename like ........\Windows\System32\evil.pdf survives Gotenberg's input sanitisation and lands verbatim as the zip entry name when a multi-output route...

CVE-2026-9559

A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories. An authenticated user with campaign import privileges...

CVE-2026-9559

A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories. An authenticated user with campaign import privileges...

Mautic 安全漏洞

Mautic is an open-source marketing automation software developed by Mautic. This software can monitor and manage websites, send emails, and manage customer resources. Version 7 of Mautic has a security vulnerability, which stems from path traversal in the activity import function. This...

CVE-2026-44604

A command injection vulnerability was discovered in the rpmuncompress utility of RPM. When extracting certain archive formats ZIP, 7z, GEM to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially...

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

PT-2026-43486

Name of the Vulnerable Software and Affected Versions IO::Uncompress::Unzip versions prior to 2.220 Description An issue in the fastForward function allows CPU exhaustion. The function compares the length of the $offset variable the digit count of the offset, ranging from 1 to 19 against the chun...

EUVD-2026-29842

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, efw.file.FileManager.unZip writes zip entries to disk using new FilebaseDir, zipEntry.getName with no canonical-path check. An entry name such as ../../../pwned.jsp escapes the intended extraction directory and lands anywhere the Tomca...

PT-2026-40443

Name of the Vulnerable Software and Affected Versions efw4.X versions prior to 4.08.010 Description The unZip function in efw.file.FileManager writes zip entries to disk using new FilebaseDir, zipEntry.getName without performing a canonical-path check. This allows an attacker to use entry names...

CVE-2026-43888

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a full filesystem path through trimFileAndExt, a filename helper that calls path.basename on its input when truncating. When a zip entry's...