19 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-16680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly...
RHEL 6 : file-roller (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...
SUSE: Security Advisory (SUSE-SU-2020:1088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for file-roller (EulerOS-SA-2021-1294)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : file-roller (CESA-2020:4820)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:4820 advisory. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive CVE-2019-16680 - file-roller: directory...
Huawei EulerOS: Security Advisory for file-roller (EulerOS-SA-2020-2545)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : file-roller (EulerOS-SA-2020-2545)
According to the version of the file-roller packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive...
file-roller security update
3.28.1-3 - Fix CVE-2020-11736 1827395 - Fix CVE-2019-16680 1767594...
RHEL 8 : file-roller (RHSA-2020:4820)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4820 advisory. File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: path traversal...
SUSE SLED15 / SLES15 Security Update : file-roller (SUSE-SU-2020:1557-1)
This update for file-roller fixes the following issues : CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink bsc1169428. CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a...
openSUSE: Security Advisory for file-roller (openSUSE-SU-2020:0825-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES12 Security Update : file-roller (SUSE-SU-2020:1088-1)
This update for file-roller fixes the following issues : CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file during extraction bsc1151585. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
Debian DSA-4537-1 : file-roller - security update
It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user is dragging...
Debian: Security Advisory (DSA-4537-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4537-1] file-roller security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4537-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 28, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4537-1] file-roller security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4537-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 28, 2019 https://www.debian.org/security/faq -...
CVE-2019-16680
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction...
CVE-2019-16680
CVE-2019-16680 concerns GNOME file-roller prior to 3.29.91. Affected component: file extraction from TAR archives. Root cause: a single ./../ path traversal via a filename inside the archive can lead to overwriting an existing file during extraction. Impact stated in sources: potential file overw...
CVE-2019-16680
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction...