VYPR
Unrated severityNVD Advisory· Published Oct 22, 2021· Updated Aug 4, 2024

CVE-2021-42556

CVE-2021-42556

Description

Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Rasa/Rasa Xdescription
  • Rasahq/Rasallm-fuzzy
    Range: <0.42.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.