CNNVD-202509-950 Information

CNNVD ID

CNNVD-202509-950

Related CVE

CVE-2025-58438

• CNNVD Published: 2025-09-06

Description (Chinese)

internetarchive是jjjake个人开发者的一个Python库。 internetarchive 5.5.0及之前版本存在路径遍历漏洞，该漏洞源于路径遍历，可能导致任意文件写入。

Description (English)

Internetarchive is a Python library for the personal developer of jjjake. Intelnarchive 5.5.0 and previous versions have a loophole in the path, which originates in the path and may lead to any document being written.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

个人开发者

Published

2025-09-06

Last Modified

2026-02-24

References

https://github.com/jjjake/internetarchive/commit/cba2d459e10a9489fb35caeba0b03e80f5f5d7c2 https://github.com/jjjake/internetarchive/releases/tag/v5.5.1 https://github.com/jjjake/internetarchive/security/advisories/GHSA-wx3r-v6h7-frjp https://access.redhat.com/security/cve/cve-2025-58438 https://vigilance.fr/vulnerability/internetarchive-directory-traversal-via-File-download-48340

Patch

https://github.com/jjjake/internetarchive/releases