Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Perl-archive-zip Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10860 3 Canonical, Debian, Perl-archive-zip Project 3 Ubuntu Linux, Debian Linux, Perl-archive-zip 2018-09-23 6.4 MEDIUM 7.5 HIGH
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.