Описание
A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:kuba_project:kuba:*:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00505
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.
EPSS
Процентиль: 66%
0.00505
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-22