2.0 LOW
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): High (H)
- User Interaction (UI): None (N)
- Vulnerable System Impact Confidentiality (VC): None (N)
- Vulnerable System Impact Integrity (VI): Low (L)
- Vulnerable System Impact Availability (VA): Low (L)
- Subsequent System Impact Confidentiality (SC): None (N)
- Subsequent System Impact Integrity (SI): None (N)
- Subsequent System Impact Availability (SA): None (N)
- Exploit Maturity (E): POC (P)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): High (H)
- Modified User Interaction (MUI): None (N)
- Modified Vulnerable System Impact Confidentiality (MVC): None (N)
- Modified Vulnerable System Impact Integrity (MVI): Low (L)
- Modified Vulnerable System Impact Availability (MVA): Low (L)
- Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
- Modified Subsequent System Impact Integrity (MSI): Negligible (N)
- Modified Subsequent System Impact Availability (MSA): Negligible (N)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
Activity log
- Created suggestion
halo-dev halo Theme Installation ThemeUtils.java ThemeUtils.unzipThemeTo path traversal
A vulnerability was identified in halo-dev halo up to 2.24.2. This affects the function ThemeUtils.unzipThemeTo of the file ThemeUtils.java of the component Theme Installation. Such manipulation of the argument metadata.name leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The project closed the issue as "duplicate" but did not reference any other issue, report, or CVE.
References
-
VDB-377265 | halo-dev halo Theme Installation ThemeUtils.java ThemeUtils.unzipThemeTo path traversal vdb-entrytechnical-description
-
-
CVE-2026-15326 | CVE Analysis and Report third-party-advisory
-
Submit #853064 | halo <=2.24.2 Arbitrary File Write(AFW) third-party-advisory
-
Affected products
- ==2.24.0
- ==2.24.1
- ==2.24.2
Matching in nixpkgs
pkgs.halo
Self-hosted dynamic blogging program
pkgs.eschalot
Tor hidden service name generator
-
nixos-unstable 1.2.0.20191006
- nixpkgs-unstable 1.2.0.20191006
- nixos-unstable-small 1.2.0.20191006
-
nixos-26.05 1.2.0.20191006
- nixos-26.05-small 1.2.0.20191006
- nixpkgs-26.05-darwin 1.2.0.20191006
pkgs.python313Packages.halo
Beautiful Spinners for Terminal, IPython and Jupyter
pkgs.python314Packages.halo
Beautiful Spinners for Terminal, IPython and Jupyter
pkgs.typstPackages.whalogen
Typesetting chemical formulae, a port of mhchem
pkgs.python313Packages.halohome
Python library to control Eaton HALO Home Smart Lights
pkgs.python314Packages.halohome
Python library to control Eaton HALO Home Smart Lights
pkgs.typstPackages.whalogen_0_1_0
Typesetting chemical formulae, a port of mhchem
pkgs.typstPackages.whalogen_0_2_0
Typesetting chemical formulae, a port of mhchem
pkgs.typstPackages.whalogen_0_3_0
Typesetting chemical formulae, a port of mhchem
pkgs.python313Packages.django-cachalot
No effort, no worry, maximum performance
Package maintainers
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@onny Jonas Heinrich <onny@project-insanity.org>
-
@urbas Matej Urbas <matej.urbas@gmail.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@cherrypiejam Gongqi Huang
-
@RossSmyth Ross Smyth