Описание
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
7.5 High
CVSS3
6.4 Medium
CVSS2
Дефекты
Связанные уязвимости
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
perl-archive-zip is vulnerable to a directory traversal in Archive::Zi ...
EPSS
5.4 Medium
CVSS3
7.5 High
CVSS3
6.4 Medium
CVSS2