Lucene search
MitreCVELIST:CVE-2017-5946HistoryFeb 27, 2017 - 7:25 a.m.
CVE-2017-5946
2017-02-2707:25:00
mitre
www.cve.org
5
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses “…/” pathname substrings to write arbitrary files to the filesystem.
Related
nessus
nessus
Debian DSA-3801-1 : ruby-zip - security update
2017-03-06 00:00:00
openSUSE Security Update : rubygem-rubyzip (openSUSE-2017-900)
2017-08-10 00:00:00
Debian DLA-846-1 : libzip-ruby security update
2017-03-07 00:00:00
debian
debian
[SECURITY] [DLA 846-1] libzip-ruby security update
2017-03-06 22:03:29
[SECURITY] [DSA 3801-1] ruby-zip security update
2017-03-04 13:59:24
[SECURITY] [DSA 3801-1] ruby-zip security update
2017-03-04 13:59:24
redhatcve
redhatcve
CVE-2017-5946
2017-03-01 15:19:25
github
github
Directory traversal vulnerability in RubyZip
2017-10-24 18:33:35
openvas
openvas
Debian: Security Advisory (DSA-3801-1)
2017-03-03 00:00:00
Debian Security Advisory DSA 3801-1 (ruby-zip - security update)
2017-03-04 00:00:00
Mageia: Security Advisory (MGASA-2017-0264)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2017-5946
2017-02-27 00:00:00
cve
cve
CVE-2017-5946
2017-02-27 07:59:00
veracode
veracode
Directory Traversal
2017-02-13 02:05:43
Directory Traversal
2018-06-19 07:25:37
Directory Traversal
2019-01-15 09:26:53
osv
osv
CVE-2017-5946
2017-02-27 07:59:00
Directory traversal vulnerability in RubyZip
2017-10-24 18:33:35
libzip-ruby - security update
2017-03-06 00:00:00
nvd
nvd
CVE-2017-5946
2017-02-27 07:59:00
rubygems
rubygems
Directory traversal vulnerability in rubyzip
2017-02-26 21:00:00
debiancve
debiancve
CVE-2017-5946
2017-02-27 07:59:00
mageia
mageia
Updated ruby-rubyzip packages fix security vulnerability
2017-08-13 16:17:41
prion
prion
Directory traversal
2017-02-27 07:59:00