7185 matches found
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
DEBIAN-CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
DEBIAN-CVE-2021-23521
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
Design/Logic Flaw
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
UBUNTU-CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
CVE-2021-23520 Arbitrary File Write via Archive Extraction (Zip Slip)
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
Arbitrary File Write
zip-local is vulnerable to arbitrary file write aka zip-slip vulnerability. The unsynchronously unzipping leads to extraction of a malicious file outside the intended extraction directory...
CVE-2021-23484
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...
CVE-2021-23484
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...
Directory traversal
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...
CVE-2021-23484 Arbitrary File Write via Archive Extraction (Zip Slip)
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip which can lead to an extraction of a crafted file outside the intended extraction directory...
CVE-2021-23484
The CVE-2021-23484 entry concerns the zip-local package prior to version 0.3.5, vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). The issue enables extraction of crafted files outside the intended directory during archive extraction. This is documented across multiple sources ...
zip-local 路径遍历漏洞
Zip-Local is a very simple compression /Uzipping local files and directories in nodes .Js by Mostafa Samir Personal Developer. A security vulnerability exists in versions of zip-local prior to 0.3.5, which allows for arbitrary file write attacks...
PT-2022-9401 · Zip-Local · Zip-Local
Name of the Vulnerable Software and Affected Versions: zip-local versions prior to 0.3.5 Description: The issue allows for Arbitrary File Write via Archive Extraction, also known as Zip Slip, which can lead to the extraction of a crafted file outside the intended extraction directory. This can...
The vulnerability of the Adobe Connect instant messaging program, related to the,。
The vulnerability of the Adobe Connect instant messaging program relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to remotely write arbitrary files to the device’s file system...
CVE-2021-32840
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...
CVE-2021-32840
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3...