Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gitlabHttps://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-1E1EB0A7BDF43ED159B238E8067E8E90
HistoryAug 16, 2021 - 12:00 a.m.

Path Traversal

2021-08-1600:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
8
bblfshd
zipslip
vulnerability
path traversal
source code
symbolic links
unpacking
arbitrary locations
arbitrary file write
permissions
archive file
software

EPSS

0.003

Percentile

69.1%

JSON

bblfshd is an open source self-hosted server for source code parsing. In bblfshd there is a zipslip vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may lead to arbitrary file write (with same permissions as the program running the unpack operation) if the attacker can control the archive file.

Related

prion 1
cvelist 1
osv 1
cve 1
veracode 1
nvd 1
prion
prion
Design/Logic Flaw
2021-08-16 19:15:00
cvelist
cvelist
CVE-2021-32825 ZipSlip vulnerability in bblfshd
2021-08-16 19:00:13
osv
osv
CVE-2021-32825
2021-08-16 19:15:14
cve
cve
CVE-2021-32825
2021-08-16 19:15:14
veracode
veracode
Symlink Attack
2021-08-17 03:56:27
nvd
nvd
CVE-2021-32825
2021-08-16 19:15:14

EPSS

0.003

Percentile

69.1%

JSON
Related for GITLAB-1E1EB0A7BDF43ED159B238E8067E8E90
prion1cvelist1osv1cve1veracode1nvd1