exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2017-5946

почти 9 лет назад

The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-5946

около 9 лет назад

The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.

CVSS3: 7

EPSS: Низкий

CVE-2017-5946

почти 9 лет назад

The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-5946

почти 9 лет назад

The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a ...

CVSS3: 9.8

EPSS: Низкий

openSUSE-SU-2017:2120-1

больше 8 лет назад

Security update for rubygem-rubyzip

EPSS: Низкий

GHSA-gcqq-w6gr-h9j9

больше 8 лет назад

Directory traversal vulnerability in RubyZip

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-5946 The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.	CVSS3: 9.8	6% Низкий	почти 9 лет назад
CVE-2017-5946 The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.	CVSS3: 7	6% Низкий	около 9 лет назад
CVE-2017-5946 The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.	CVSS3: 9.8	6% Низкий	почти 9 лет назад
CVE-2017-5946 The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a ...	CVSS3: 9.8	6% Низкий	почти 9 лет назад
openSUSE-SU-2017:2120-1 Security update for rubygem-rubyzip		6% Низкий	больше 8 лет назад
GHSA-gcqq-w6gr-h9j9 Directory traversal vulnerability in RubyZip	CVSS3: 9.8	6% Низкий	больше 8 лет назад

Уязвимостей на страницу