VYPR

PyPI package

binwalk

pkg:pypi/binwalk

Vulnerabilities (2)

  • CVE-2022-4510Jan 25, 2023
    affected >= 2.1.2b, <= 2.3.3

    A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode

  • CVE-2021-4287Dec 27, 2022
    affected < 2.3.3fixed 2.3.3

    A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possibl