Kde

Ark

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2024-57966

  • EPSS 0.01%
  • Published 03.02.2025 05:15:10
  • Last modified 09.02.2025 05:15:32

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.

4.3

CVE-2020-24654

  • EPSS 0.84%
  • Published 02.09.2020 17:15:12
  • Last modified 21.11.2024 05:15:23

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

4.3

CVE-2020-16116

  • EPSS 0.83%
  • Published 03.08.2020 20:15:13
  • Last modified 21.11.2024 05:06:47

In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

7.8

CVE-2017-5330

Exploit
  • EPSS 1.17%
  • Published 27.03.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

6.8

CVE-2011-2725

Exploit
  • EPSS 0.61%
  • Published 04.02.2014 23:55:03
  • Last modified 11.04.2025 00:51:21

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.