Skip to main content

Flightcrew

3 CVEs product

Monthly

CVE-2019-14452 HIGH PATCH This Week

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Sigil Flightcrew Ubuntu Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-13241 HIGH POC This Week

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Flightcrew Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.6%
CVE-2019-13032 MEDIUM This Month

An issue was discovered in FlightCrew v0.9.2 and earlier. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Flightcrew
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Sigil Flightcrew +1
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC This Week

FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Flightcrew Ubuntu Linux
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM This Month

An issue was discovered in FlightCrew v0.9.2 and earlier. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Flightcrew
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy