Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path traversal in jefferson
Vulnerability Description
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
jefferson 路径遍历漏洞
Vulnerability Description
Jefferson是Stefan Viehböck个人开发者的一个 JFFS2 文件系统提取工具。 jefferson 0.4.1之前版本存在安全漏洞。攻击者利用该漏洞通过制作恶意JFFS2文件,从而在提取目录之外写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A