Project

General

Profile

Actions
Copy link

Security #6119

closed

Security #6118: datasets: absolute path in rules can overwrite arbitrary files

datasets: absolute path in rules can overwrite arbitrary files (6.0.x backport)

Added by OISF Ticketbot 11 months ago. Updated 10 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
6.0.13
Affected Versions:
Label:
CVE:
2023-35852
Git IDs:

aee1523b4591430ebed1ded0bb95508e6717a335

Severity:
HIGH
Disclosure Date:
Actions
Copy link
 #1

Updated by Jason Ish 11 months ago

  • Status changed from Assigned to In Progress
  • Assignee changed from Eric Leblond to Jason Ish
Actions
Copy link
 #2

Updated by Victor Julien 11 months ago

  • Severity changed from MODERATE to HIGH
Actions
Copy link
 #3

Updated by Victor Julien 11 months ago

  • Status changed from In Progress to Resolved
Actions
Copy link
 #4

Updated by Jason Ish 11 months ago

  • Git IDs updated (diff)
Actions
Copy link
 #5

Updated by Jason Ish 11 months ago

  • Status changed from Resolved to Closed
Actions
Copy link
 #6

Updated by Jason Ish 11 months ago

  • CVE set to 2023-35852
Actions
Copy link
 #7

Updated by Victor Julien 10 months ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF