Directory traversal

2021-06-1822:15:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.

CPENameOperatorVersion
serenityoseq< 3844e8569689dd476064a759d704bc64fb3ca2c

CPE	Name	Operator	Version
	serenityos	eq	< 3844e8569689dd476064a759d704bc64fb3ca2c

References

github.com/SerenityOS/serenity/issues/3991

github.com/SerenityOS/serenity/issues/3992

github.com/SerenityOS/serenity/pull/5713

github.com/SerenityOS/serenity/pull/5713/commits/3844e8569689dd476064a0759d704bc64fb3ca2c