CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-50819: Directory traversal vulnerability in beiyuouo arxiv-daily thru 2025-05-06 (commit fad168770b0e68aef3e5acfa16bb2e7a7765d687) when parsing the the...

Description

Directory traversal vulnerability in beiyuouo arxiv-daily thru 2025-05-06 (commit fad168770b0e68aef3e5acfa16bb2e7a7765d687) when parsing the the topic.yml file in the generation logic in daily_arxiv.py.

Classification

CVE ID: CVE-2025-50819

Affected Products

Vendor: n/a

Product: n/a

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: poc

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-50819
https://github.com/amooryx/arxiv-daily/security/advisories/GHSA-xqg6-5wfv-4855
https://github.com/beiyuouo/arxiv-daily

Timeline

2025-07-15 16:40:21 UTC
CVE

Directory traversal vulnerability in beiyuouo arxiv-daily thru 2025-05-06 (commit fad168770b0e68aef3e5acfa16bb2e7a7765d687) when parsing the the...