Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:24 p.m.6 views

CVE-2018-1002207

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.5CVSS6.8AI score0.0253EPSS
Exploits1References1
NVD
NVD
added 2018/07/25 5:29 p.m.18 views

CVE-2018-1002207

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.5CVSS5.5AI score0.0253EPSS
Exploits1References5
OSV
OSV
added 2018/07/25 5:29 p.m.22 views

CVE-2018-1002207

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.5CVSS6.7AI score
Exploits0References5
Cvelist
Cvelist
added 2018/07/25 5:0 p.m.22 views

CVE-2018-1002207

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.4AI score0.0253EPSS
Exploits1References5
CVE
CVE
added 2018/07/25 5:0 p.m.55 views

CVE-2018-1002207

CVE-2018-1002207 affects the mholt/archiver Go package. The vulnerability stems from directory traversal in archive extraction ("../" path components), enabling an attacker to write to arbitrary files on the host. Affected: versions prior to the commit e4ef56d48eb029648b0e895bb0b6a393ef0829c3. Im...

5.5CVSS5.7AI score0.0253EPSS
Exploits1References5Affected Software1
Check Point Advisories
Check Point Advisories
added 2018/06/06 12:0 a.m.58 views

ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)

A file overwrite vulnerability exist in archive formats. To trigger this issue, an attacker may create a malicious archive that will exploit this vulnerability. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the vulnerable system and...

6.8CVSS4.4AI score0.37986EPSS
Exploits7
Rows per page
Query Builder