Summary
Build breakout using malicious Containerfile and Git Smart HTTP server or GitHub release tar archive
References
Related vulnerabilities
- CRITICAL GHSA-W7MQ-R738-X278
  Budibase has arbitrary file read by workspace-builder via PWA-zip symlink upload
- HIGH GHSA-74P7-6H78-GW8P
  skillctl: argument injection, path traversal in --dest, FIFO/device DoS, hardlink exfiltration, and commit-trailer forgery
- MEDIUM GHSA-G9FX-5R4H-PCW3
  motionEye has an Arbitrary File Read via Path Traversal in Picture/Movie Preview Endpoint
- HIGH GHSA-869J-R97X-HX2G
  Anki's local HTTP server does not sufficiently validate requests
- HIGH GHSA-CC8F-FCX3-GPJR
  SurrealDB: Arbitrary file read via DEFINE ANALYZER mapper() filter
- MEDIUM GHSA-4XGF-CPJX-PC3J
  pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size