2 matches found
CVE-2018-12036
OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames...
CVE-2018-12036
CVE-2018-12036 affects OWASP Dependency-Check prior to 3.2.0. The issue allows an attacker to write to arbitrary files by processing a crafted archive that contains directory traversal filenames, enabling arbitrary file writes. This is caused by unsafe extraction paths in the affected component. ...