SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

File-roller - (bulletinoct2019)

ID: oval:org.secpod.oval:def:2105357	Date: (C)2020-01-19 (M)2023-12-20
Class: PATCH	Family: unix

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

Platform:

Sun Solaris 11

Product:

desktop/archive-manager/file-roller

Reference:

bulletinoct2019

CVE-2019-16680


30430



423868



247974



909



194654



282