Affected versions: BOSH CLI tool versions prior to v7.10.4.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 09 Jul 2026 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The blobs.yml path key traversal vulnerability in the BOSH CLI tool allows an attacker to write arbitrary files and exfiltrate sensitive information. Affected versions: BOSH CLI tool versions prior to v7.10.4. | |
| Title | blobs.yaml Path Traversal Allows File Writes | |
| References |
| |
| Metrics |
cvssV3_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: vmware
Published:
Updated: 2026-07-09T05:45:33.512Z
Reserved: 2026-05-20T10:00:48.931Z
Link: CVE-2026-47826
No data.
No data.
No data.
OpenCVE Enrichment
No data.
No weakness.