Filtered by vendor Plexus-archiver Project
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1002200 | 3 Debian, Plexus-archiver Project, Redhat | 5 Debian Linux, Plexus-archiver, Enterprise Linux and 2 more | 2019-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'. | |||||