Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR archive, extraction can create arbitrary directories via .. traversal.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Alexcrichton Tar-rs 路径遍历漏洞
Vulnerability Description
Alexcrichton Tar-rs是Rust 的 tar 归档读/写库。 Alexcrichton Tar-rs 中存在路径遍历漏洞,该漏洞源于产品的解压功能实现逻辑错误,攻击者可通过解压含有符号链接的tar包在其他目录创建文件。以下产品及版本受到影响:Alexcrichton Tar-rs 0.4.36。
CVSS Information
N/A
Vulnerability Type
N/A