CVE-2012-0051: Tahoe-LAFS fails to ensure integrity

April 23, 2022 (updated November 21, 2024)

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.

References

github.com/advisories/GHSA-v62p-cjv8-35xh
github.com/pypa/advisory-database/tree/main/vulns/tahoe-lafs/PYSEC-2019-253.yaml
github.com/tahoe-lafs/tahoe-lafs
nvd.nist.gov/vuln/detail/CVE-2012-0051
security-tracker.debian.org/tracker/CVE-2012-0051
tahoe-lafs.org/trac/tahoe-lafs/ticket/1654

Detect and mitigate CVE-2012-0051 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →