Go modules package
github.com/google/safearchive
pkg:golang/github.com/google/safearchive
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-10389 | — | < 0.0.0-20241025131057-f7ce9d7b6f9c | 0.0.0-20241025131057-f7ce9d7b6f9c | Nov 4, 2024 | There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216 |
- CVE-2024-10389Nov 4, 2024affected < 0.0.0-20241025131057-f7ce9d7b6f9cfixed 0.0.0-20241025131057-f7ce9d7b6f9c
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216