Описание
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |
Показывать по
Ссылки на источники
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.
The thefuck (aka The Fuck) package before 3.31 for Python allows Path ...
The Fuck Arbitrary File Deletion via Path Traversal
Уязвимость пакета TheFuck языка программирования Python, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
EPSS
6.4 Medium
CVSS2
9.1 Critical
CVSS3