CVE-2021-42556
CVE-2021-42556 affects Rasa X (before 0.42.4). The issue is a directory traversal during the extraction of a trained model archive, enabling an attacker to gain arbitrary write access within specific directories by crafting the archive file. This is documented across multiple sources (NVD entry a...