Lucene search
Veracode Vulnerability DatabaseVERACODE:26569HistorySep 02, 2020 - 6:39 a.m.
Arbitrary File Write
2020-09-0206:39:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
40.1%
github.com/u-root/u-root/pkg/tarutil is vulnerable to arbitrary file write. The vulnerability exists due to the incorrect usage of filepath.Join("/", path) when performing cpio file extraction.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/u-root/u-root | le | 6.0.0 | |
| github.com/u-root/u-root | le | 6.0.0 |
Related
prion
prion
Path traversal
2020-09-01 14:15:00
nvd
nvd
CVE-2020-7669
2020-09-01 14:15:14
github
github
cve
cve
CVE-2020-7669
2020-09-01 14:15:14
osv
osv
cvelist
cvelist
CVE-2020-7669 Arbitrary File Write via Archive Extraction (Zip Slip)
2020-09-01 00:00:00