1 results (0.048 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories. Se presenta una vulnerabilidad en el manejo de rutas de awful-salmonella-tar versiones anteriores a 0.0.4. • https://github.com/mario-goulart/awful-salmonella-tar/commit/f705c881769b7610745cd4b4d8ae8b41b3f4f845 https://wiki.call-cc.org/eggref/5/awful-salmonella-tar • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •