CVE-2024-55587 | python-libarchive up to 4.2.1 zip.py ZipFile.extractall/ZipFile.extract path traversal

Inserito da Angelo Barbosa | Dic 11, 2024 | CVE

A vulnerability was found in python-libarchive up to 4.2.1. It has been declared as critical. This vulnerability affects the function ZipFile.extractall/ZipFile.extract of the file zip.py. The manipulation leads to path traversal.

This vulnerability was named CVE-2024-55587. The attack can only be initiated within the local network. There is no exploit available.

CVE-2024-55587 | python-libarchive up to 4.2.1 zip.py ZipFile.extractall/ZipFile.extract path traversal

Post correlati

CVE-2024-0280 | Kashipara Food Management System up to 1.0 item_type_submit.php type_name sql injection

CVE-2024-8309 | langchain-ai langchain up to 0.2.x GraphCypherQAChain sql injection

CVE-2024-39904 | vnotex vnote up to 3.18.0 URI file inclusion (GHSA-vhh5-8wcv-68gj)

CVE-2024-46943 | OpenDaylight Authentication, Authorization and Accounting up to 0.19.3 Peer