Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8
CVE-2019-10743
- EPSS 1.29%
- Published 29.10.2019 19:15:16
- Last modified 21.11.2024 04:19:50
All versions of archiver allow attacker to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive, that holds path traversal filenames. When exploited, a filename in a malicious archive is conca...
5.5
CVE-2018-1002207
- EPSS 2.62%
- Published 25.07.2018 17:29:02
- Last modified 21.11.2024 03:40:40
mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. Thi...
1