GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager

GHSA-rmxg-6qqf-x8mr: GeoNode Server Side Request forgery

GHSA-5cph-wvm9-45gj: Flowise OverrideConfig security vulnerability

GHSA-hj3w-wrh4-44vp: LLama Factory Remote OS Command Injection Vulnerability

GHSA-jh6x-7xfg-9cq2: Searching Opencast may cause a denial of service

Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

**Package**

gomod github.com/whyrusleeping/tar-utils (Go)

**Affected versions**

< 0.0.0-20201201191210-20a61371de5b

**Patched versions**

0.0.0-20201201191210-20a61371de5b

Headline

GHSA-jpf8-h7h7-3ppm: tar-utils Path Traversal vulnerability

Related news

ghsa: Latest News