[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2018-1002209 -- libquazip

ID: oval:org.secpod.oval:def:2000220Date: (C)2019-04-21   (M)2023-12-20
Class: VULNERABILITYFamily: unix




QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as "Zip-Slip".

Platform:
Debian 8.x
Debian 9.x
Product:
libquazip-dev
Reference:
CVE-2018-1002209
CVE    1
CVE-2018-1002209
CPE    3
cpe:/o:debian:debian_linux:8.x
cpe:/o:debian:debian_linux:9.x
cpe:/a:libquazip-dev:libquazip-dev

© SecPod Technologies