Vulnerabilities > S3Ql Project > S3Ql > 0.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-10 | CVE-2018-12088 | Improper Input Validation vulnerability in S3Ql Project S3Ql S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. | 7.5 |
2014-09-02 | CVE-2014-0485 | Code Injection vulnerability in S3Ql Project S3Ql S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/. | 7.5 |