Security Advisory

CVE-2023-0593

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-31 09:31:44

Last updated 2025-03-27 14:37:00

Assigner ONEKEY

State PUBLISHED

Description

A path traversal vulnerability affects yaffshiv YAFFS filesystem extractor. By crafting a malicious YAFFS file, an attacker could force yaffshiv to write outside of the extraction directory. This issue affects yaffshiv up to version 0.1 included, which is the most recent at time of publication.

← Browse all CVEs View on cve.org ↗