VDB

GO-2024-3196

GO-2024-3196 PUBLISHED

Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory. in github.com/codeclysm/extract

Affected Products

VendorProductVersions
github.comcodeclysm/extract/v40, 0
github.comcodeclysm/extract0, 0
github.comcodeclysm/extract/v30, 0

Timeline

  • Oct 15, 2024 CVE Published
  • Mar 3, 2026 CVE Updated
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›