Описание
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.6-1 |
| bionic | not-affected | 1.6-1 |
| cosmic | not-affected | 1.6-1 |
| devel | not-affected | 1.6-1 |
| disco | not-affected | 1.6-1 |
| eoan | not-affected | 1.6-1 |
| esm-apps/bionic | not-affected | 1.6-1 |
| esm-apps/focal | not-affected | 1.6-1 |
| esm-apps/jammy | not-affected | 1.6-1 |
| esm-apps/xenial | not-affected | 1.6-1 |
Показывать по
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
cabextract before 1.6 does not properly check for leading slashes when ...
cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash.
5 Medium
CVSS2
5.3 Medium
CVSS3