Lucene search

Ark Security Vulnerabilities

cve

CVE-2011-2725

Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.

6.5AI Score

0.009EPSS

2014-02-04 11:55 PM

cve

CVE-2017-5330

ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.

7.8CVSS

7.8AI Score

0.016EPSS

2017-03-27 03:59 PM

cve

CVE-2020-16116

In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

3.3CVSS

3.6AI Score

0.001EPSS

2020-08-03 08:15 PM

171

cve

CVE-2020-24654

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

3.3CVSS

3.5AI Score

0.002EPSS

2020-09-02 05:15 PM

157