Minitar allows attackers to overwrite arbitrary files during archive
extraction via a … (dot dot) in an extracted filename. Analogous
vulnerabilities for unzip and tar:
https://www.cvedetails.com/cve/CVE-2001-1268/ and
http://www.cvedetails.com/cve/CVE-2001-1267/
Credit: ecneladis
CPE | Name | Operator | Version |
---|---|---|---|
archive-tar-minitar | lt | 0.6.0 |