exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2025-67818

около 2 месяцев назад

An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path (e.g., /etc/...) or use parent directory traversal (../../..) to escape the restore root when a backup is restored, potentially creating or overwriting files in arbitrary locations within the application's privilege scope.

CVSS3: 7.2

EPSS: Низкий

GHSA-7v39-2hx7-7c43

около 2 месяцев назад

Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2025-67818 An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path (e.g., /etc/...) or use parent directory traversal (../../..) to escape the restore root when a backup is restored, potentially creating or overwriting files in arbitrary locations within the application's privilege scope.	CVSS3: 7.2	0% Низкий	около 2 месяцев назад
	GHSA-7v39-2hx7-7c43 Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip		0% Низкий	около 2 месяцев назад

Уязвимостей на страницу