PyPI package
ubi-reader
pkg:pypi/ubi-reader
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0591 | — | < 0.8.5 | 0.8.5 | Jan 31, 2023 | ubireader_extract_files is vulnerable to path traversal when run against specifically crafted UBIFS files, allowing the attacker to overwrite files outside of the extraction directory (provided the process has write access to that file or directory). This is due to the fact tha | ||
| CVE-2022-4572 | — | < 0.8.5 | 0.8.5 | Dec 17, 2022 | A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The |
- CVE-2023-0591Jan 31, 2023affected < 0.8.5fixed 0.8.5
ubireader_extract_files is vulnerable to path traversal when run against specifically crafted UBIFS files, allowing the attacker to overwrite files outside of the extraction directory (provided the process has write access to that file or directory). This is due to the fact tha
- CVE-2022-4572Dec 17, 2022affected < 0.8.5fixed 0.8.5
A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The