Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-36314

Опубликовано: 07 апр. 2021
Источник: nvd
CVSS3: 3.9
CVSS2: 2.6
EPSS Низкий

Описание

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for CVE-2020-11736.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gnome:file-roller:*:*:*:*:*:*:*:*
Версия до 3.38.0 (включая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00198
Низкий

3.9 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-59

Связанные уязвимости

ubuntu логотип

CVE-2020-36314

CVSS3: 3.9
ubuntu
больше 4 лет назад

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for CVE-2020-11736.

redhat логотип

CVE-2020-36314

CVSS3: 3.9
redhat
больше 4 лет назад

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for CVE-2020-11736.

debian логотип

CVE-2020-36314

CVSS3: 3.9
debian
больше 4 лет назад

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used b ...

suse-cvrf логотип

SUSE-SU-2025:0032-1

suse-cvrf
7 месяцев назад

Security update for file-roller

rocky логотип

RLSA-2021:4179

rocky
больше 3 лет назад

Low: file-roller security update

EPSS

Процентиль: 42%
0.00198
Низкий

3.9 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-59