Описание
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file.
Ссылки
- ExploitThird Party Advisory
- ExploitIssue TrackingPatchVendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- ExploitIssue TrackingPatchVendor Advisory
- ExploitThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ziparchive_project:ziparchive:2.5.4:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00053
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-703
Связанные уязвимости
CVSS3: 5.5
github
больше 2 лет назад
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file.
EPSS
Процентиль: 17%
0.00053
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-703