GHSA-qm7h-f635-h2r6HighCVSS 7.5

Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on...

Published
July 15, 2026
Last Modified
July 15, 2026

🔗 CVE IDs covered (1)

📋 Description

Microsoft AVML before 0.17.0 could follow a symlink when opening a destination output path on Unix, allowing truncation/overwrite of the symlink target. The destructive effect is performed at open-time via O_TRUNC, and can happen before full input validation completes (“truncation-before-validation”).

🔗 References (5)