mario-goulart/awful-salmonella-tar

Releases4

Frequency2 years 3 months

Last Release 11 months ago

An awful application to extract salmonella report files from tar archives

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25358 ↗	Feb 18, 2022Friday, 18 February 2022, 22:15	5.3 MEDIUM	5 MEDIUM
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories.