CVE-2024-37372 Information

Description

The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored which is not always true. This subtle bug leads to vulnerable edge cases.

Reference

http://www.openwall.com/lists/oss-security/2024/07/11/6 http://www.openwall.com/lists/oss-security/2024/07/19/3