FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a …/ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
CPE | Name | Operator | Version |
---|---|---|---|
flightcrew | eq | 0.9.0 | |
flightcrew | eq | 0.9.1 | |
flightcrew | eq | 0.9.2 | |
flightcrew | eq | 0.7.2 |