Free Trial

CVE-2024-10389 : GOOGLE SAFEARCHIVE ARCHIVE EXTRACTION UNCONTROLLED SEARCH PATH

Description

There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc.

References

https://github.com/google/safearchive/commit/f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc

For More Information

CVERecord

Common Vulnerabilityies and Exposures

CVE-2024-10389 : GOOGLE SAFEARCHIVE ARCHIVE EXTRACTION UNCONTROLLED SEARCH PATH
CVE-2024-10389 : GOOGLE SAFEARCHIVE ARCHIVE EXTRACTION UNCONTROLLED SEARCH PATH

Contact us to get started

CVE-2024-51136 : OPENIMAJ 1.3.10 DMOZ2CSV XML EXTERNAL ENTITY REFERENCE

CVE-2024-51136 : OPENIMAJ 1.3.10 DMOZ2CSV XML EXTERNAL ENTITY REFERENCE

Description An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute

Learn more
CVE-2024-48809 : OPEN NETWORKING FOUNDATION SDRAN-IN-A-BOX/ONOS-A1T DELETEWATCHER DENIAL OF SERVICE

CVE-2024-48809 : OPEN NETWORKING FOUNDATION SDRAN-IN-A-BOX/ONOS-A1T DELETEWATCHER DENIAL OF SERVICE

Description An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial

Learn more
CVE-2024-45164 : AKAMAI SPS/APPS PORTAL SIA THREATAVERT THREATAVERTPOLICIES IMPROPER AUTHORIZATION

CVE-2024-45164 : AKAMAI SPS/APPS PORTAL SIA THREATAVERT THREATAVERTPOLICIES IMPROPER AUTHORIZATION

Description Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and

Learn more