Safety vulnerability ID: 40651
The information on this page was manually curated by our Cybersecurity Intelligence Team.
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.
https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092
Latest version: 3.32
Magnificent app which corrects your previous console command
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature. See CVE-2021-34363.
MISC:https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092: https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092
MISC:https://github.com/nvbn/thefuck/releases/tag/3.31: https://github.com/nvbn/thefuck/releases/tag/3.31
MISC:https://vuln.ryotak.me/advisories/48: https://vuln.ryotak.me/advisories/48
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application