17 matches found
EUVD-2021-10487
Malware in sbrugna...
EUVD-2021-10488
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-23520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in...
CVE-2021-23521
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
DEBIAN-CVE-2021-23521
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
DEBIAN-CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
Design/Logic Flaw
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
Code injection
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...
UBUNTU-CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
UBUNTU-CVE-2021-23521
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...
CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
CVE-2021-23520 Arbitrary File Write via Archive Extraction (Zip Slip)
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...
CVE-2021-23521
CVE-2021-23521 affects juce-framework/JUCE before 6.1.5. The vulnerability occurs when extracting a malicious archive containing a symbolic link: ZipFile::uncompressEntry can follow the link outside the target directory, allowing writing arbitrary files on the host and, in some cases, arbitrary c...
Raw Material Software Juce 路径遍历漏洞
Raw Material Software Juce is an open source cross-platform C++ application framework from Raw Material Software, UK. Used to create high quality desktop and mobile applications including Vst, Vst3, Au, Auv3, Rtas and Aax audio plugins. A path traversal vulnerability exists in Raw Material Softwa...
Raw Material Software Juce 后置链接漏洞
Raw Material Software Juce is an open source cross-platform C++ application framework from Raw Material Software, UK. Used to create high quality desktop and mobile applications including Vst, Vst3, Au, Auv3, Rtas and Aax audio plugins. A backlink vulnerability exists in Raw Material Software Juc...