← voltar
CVE-2022-25358

CVE-2022-25358

EPSS 1.1%
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/mario-goulart/awful-salmonella-tar/commit/f705c881769b7610745cd4b4d8ae8b41b3f4f845https://wiki.call-cc.org/eggref/5/awful-salmonella-tar