3 matches found
Updated quazip packages fix security vulnerability
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar,x...
CVE-2018-1002209
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...
CVE-2018-1002209
CVE-2018-1002209 (Zip-Slip) affects QuaZIP before 0.7.6, where directory traversal can occur during extraction due to mishandling of a Zip entry. An attacker could write to arbitrary files outside the target directory. The issue is rooted in the archive extraction implementation in QuaZIP (Qt wra...