exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2018-1002207

больше 7 лет назад

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

CVSS3: 5.5

EPSS: Низкий

GHSA-5wmg-j84w-4jj4

почти 4 года назад

Arbitrary File Write via Archive Extraction in mholt/archiver

CVSS3: 5.5

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2018-1002207 mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.	CVSS3: 5.5	3% Низкий	больше 7 лет назад
	GHSA-5wmg-j84w-4jj4 Arbitrary File Write via Archive Extraction in mholt/archiver	CVSS3: 5.5	3% Низкий	почти 4 года назад

Уязвимостей на страницу