Advisory #48
| Title | The Fuck arbitrary file deletion via path traversal |
| CVE ID | CVE-2021-34363 |
| Vendor | The Fuck Maintainers |
| Affected product | The Fuck |
| Affected versions | - 3.30 |
| Vulnerability type | CWE-22 (Path Traversal) |
| Description | The Fuck (aka thefuck) has a vulnerability that allows an attacker to delete arbitrary file on the system via path traversal in "undo archive operation" feature. |
| Status | Fixed in 3.31 |
| Recommendation | Update to 3.31 or above. |