Lucene search
+L

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : file-roller-3.28.1-4.el8 (AXSA:2021-2652:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2652:02 advisory. file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314...

3.9CVSS5.6AI score0.00768EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-23856

Malware in sbrugna...

3.9CVSS4.3AI score0.00611EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2020-11736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is ...

3.9CVSS5.5AI score0.00768EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 6 : file-roller (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive...

5AI score0.02132EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2021-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.9CVSS4.9AI score0.00768EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2020-0218)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.9CVSS4.3AI score0.00768EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:30 p.m.3 views

file-roller: directory traversal via directory symlink pointing outside of the target directory (incomplete fix for CVE-2020-11736)

A path traversal vulnerability was found in file-roller due to an incomplete fix for CVE-2020-11736. It may still be possible to extract files outside of the intended directory in case of malicious archives containing symbolic links. The highest threat from this vulnerability is to data integrity...

3.9CVSS5.7AI score0.00611EPSS
Exploits1References4
OSV
OSV
added 2021/11/09 8:32 a.m.20 views

ALSA-2021:4179 Low: file-roller security update

File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314 For more details about the security...

3.9CVSS4.8AI score0.00768EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2021/11/09 8:32 a.m.33 views

Low: file-roller security update

File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: directory traversal via directory symlink pointing outside of the target directory incomplete fix for CVE-2020-11736 CVE-2020-36314 For more details about the security...

3.9CVSS5AI score0.00768EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2020:1505-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.9CVSS4.8AI score0.00768EPSS
Exploits0References4
Veracode
Veracode
added 2021/04/14 2:27 a.m.23 views

Directory Traversal

file-roller is vulnerable to directory traversal. The fr-archive-libarchive.c module allows directory traversal during extraction as there is a lack of check of whether a file's parent is a symlink in certain complex situations. This issue exists due to an incomplete fix for CVE-2020-11736...

3.9CVSS4.6AI score0.00768EPSS
Exploits1References5Affected Software1
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for file-roller (EulerOS-SA-2021-1294)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.3AI score0.02132EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.28 views

CentOS 8 : file-roller (CESA-2020:4820)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:4820 advisory. - file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive CVE-2019-16680 - file-roller: directory...

4.3CVSS5.6AI score0.02132EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2020/11/10 12:0 a.m.30 views

file-roller security update

3.28.1-3 - Fix CVE-2020-11736 1827395 - Fix CVE-2019-16680 1767594...

4.3CVSS1.2AI score0.02132EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.32 views

RHEL 8 : file-roller (RHSA-2020:4820)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4820 advisory. File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fixes: file-roller: path traversal...

4.3CVSS5.8AI score0.02132EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.23 views

GLSA-202009-06 : GNOME File Roller: Directory traversal

The remote host is affected by the vulnerability described in GLSA-202009-06 GNOME File Roller: Directory traversal It was discovered that GNOME File Roller incorrectly handled symlinks. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround a...

3.9CVSS5.5AI score0.00768EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.29 views

SUSE SLED15 / SLES15 Security Update : file-roller (SUSE-SU-2020:1557-1)

This update for file-roller fixes the following issues : CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink bsc1169428. CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a...

4.3CVSS5.5AI score0.02132EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2020/06/18 12:0 a.m.20 views

openSUSE: Security Advisory for file-roller (openSUSE-SU-2020:0825-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4.3CVSS5.1AI score0.02132EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.29 views

SUSE SLES12 Security Update : file-roller (SUSE-SU-2020:1505-1)

This update for file-roller fixes the following issues : Security issue fixed : CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink bsc1169428. Note that Tenable Network Security has extracted the preceding description...

3.9CVSS5.5AI score0.00768EPSS
Exploits0References4
OSV
OSV
added 2020/05/24 6:4 p.m.4 views

MGASA-2020-0218 Updated file-roller packages fix security vulnerability

Updated the file-roller package in order to fix a security vulnerability: fr-archive-libarchive.c: File Roller lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. Thus, directory traversal is not prevented CVE-2020-11736...

3.9CVSS4.1AI score0.00768EPSS
Exploits0References3
Rows per page
Query Builder