CVE-2021-23391

Summary

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.

Affected Software

VendorProductVersion RangeStatus
n/acalipso0 < unspecifiedaffected

Weaknesses

  • Arbitrary File Write via Archive Extraction (Zip Slip)

ADP Enrichment

CVE Program Container

Additional References

References