Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-jpf8-h7h7-3ppm: tar-utils Path Traversal vulnerability

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

ghsa
#vulnerability#git

Package

gomod github.com/whyrusleeping/tar-utils (Go)

Affected versions

< 0.0.0-20201201191210-20a61371de5b

Patched versions

0.0.0-20201201191210-20a61371de5b

Related news

CVE-2020-36566: Snyk Vulnerability Database | Snyk

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

ghsa: Latest News

GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager