Security Advisory

CVE-2025-0377

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-21 15:23:53
Last updated 2025-02-12 20:41:20
Assigner HashiCorp
State PUBLISHED

Description

HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry.

← Browse all CVEs View on cve.org ↗