CVE-2022-35861 – Directory Traversal

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. (Shims are executables that pass a command along to a specific version of pyenv. The version string is used to construct the path to the command, and there is no validation of whether the version specified is a valid version. Thus, relative path traversal can occur.) (CVSS:4.6) (Last Update:2022-07-18)Latest security vulnerabilities (Directory Traversal) (CVSS score >= 4) 

​   

More To Explore

Red Hat Security Advisory 2022-8750-01

Red Hat Security Advisory 2022-8750-01 – OpenShift Virtualization is Red Hat’s virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of

Do You Want To Secure Your Business?

drop us a line and keep in touch

Cyber Security Automation
Generated by Feedzy