Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal in Safearchive
Vulnerability Description
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Google safearchive 安全漏洞
Vulnerability Description
Google safearchive是美国谷歌(Google)公司的一个用于处理 tar 和 zip 存档的构造安全库。 Google safearchive存在安全漏洞,该漏洞源于在大小写不敏感的文件系统上存在路径遍历,允许攻击者通过包含符号链接的归档提取写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A