SUSE CVE-2019-14452

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ dot dot slash in a ZIP archive entry that is mishandled during extraction...

Mageia: Security Advisory (MGASA-2019-0249)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2019-0249 Updated sigil packages fix security vulnerability

Updated sigil package fixes security vulnerability: Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem CVE-2019-14452...

CVE-2019-14452

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ dot dot slash in a ZIP archive entry that is mishandled during extraction...

CVE-2019-14452

Sigil up to version 0.9.16 is affected by a directory traversal vulnerability that lets an attacker place arbitrary files by a crafted ZIP entry during extraction. Multiple sources (NVD/NIST, Mageia MGASA-2019-0249, Ubuntu USN-4085-1, OSV entries) confirm the issue and indicate the root cause is ...

CVE-2019-14452

Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ dot dot slash in a ZIP archive entry that is mishandled during extraction...