CVE-2021-23391
7.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:F/RL:U/RC:C
Summary
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | calipso | 0 < unspecified | affected |
Weaknesses
- Arbitrary File Write via Archive Extraction (Zip Slip)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.