Lucene search
Redhat.comRH:CVE-2017-5946HistoryMar 01, 2017 - 3:19 p.m.
CVE-2017-5946
2017-03-0115:19:25
redhat.com
access.redhat.com
7
0.004 Low
EPSS
Percentile
74.5%
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses “…/” pathname substrings to write arbitrary files to the filesystem.
Related
openvas
openvas
Debian Security Advisory DSA 3801-1 (ruby-zip - security update)
2017-03-04 00:00:00
Debian: Security Advisory (DSA-3801-1)
2017-03-03 00:00:00
Mageia: Security Advisory (MGASA-2017-0264)
2022-01-28 00:00:00
osv
osv
Directory traversal vulnerability in RubyZip
2017-10-24 18:33:35
CVE-2017-5946
2017-02-27 07:59:00
ruby-zip - security update
2017-03-04 00:00:00
nvd
nvd
CVE-2017-5946
2017-02-27 07:59:00
cvelist
cvelist
CVE-2017-5946
2017-02-27 07:25:00
cve
cve
CVE-2017-5946
2017-02-27 07:59:00
ubuntucve
ubuntucve
CVE-2017-5946
2017-02-27 00:00:00
veracode
veracode
Directory Traversal
2017-02-13 02:05:43
Directory Traversal
2019-01-15 09:26:53
Directory Traversal
2018-06-19 07:25:37
prion
prion
Directory traversal
2017-02-27 07:59:00
debian
debian
[SECURITY] [DLA 846-1] libzip-ruby security update
2017-03-06 22:03:29
[SECURITY] [DSA 3801-1] ruby-zip security update
2017-03-04 13:59:24
[SECURITY] [DSA 3801-1] ruby-zip security update
2017-03-04 13:59:24
nessus
nessus
Debian DSA-3801-1 : ruby-zip - security update
2017-03-06 00:00:00
Debian DLA-846-1 : libzip-ruby security update
2017-03-07 00:00:00
openSUSE Security Update : rubygem-rubyzip (openSUSE-2017-900)
2017-08-10 00:00:00
github
github
Directory traversal vulnerability in RubyZip
2017-10-24 18:33:35
mageia
mageia
Updated ruby-rubyzip packages fix security vulnerability
2017-08-13 16:17:41
debiancve
debiancve
CVE-2017-5946
2017-02-27 07:59:00