14 matches found
CVE-2026-41245
Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...
CVE-2026-41245
Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...
EUVD-2026-23872
Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...
CVE-2026-41245
Junrar is an open-source Java RAR archive library. Prior to version 7.5.10, a path traversal flaw in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories during extraction of a crafted RAR archive. Version 7.5.10 fixes the issu...
PT-2026-33784
Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...
Junrar 安全漏洞
Junrar is an open-source Java Unrar library developed by junrar. It is used for reading and extracting .Rar files. Versions of Junrar prior to 7.5.10 had security vulnerabilities, stemming from a path traversal vulnerability in LocalFolderExtractor. This vulnerability could allow writing to...
EUVD-2026-8909
Junrar has an arbitrary file write due to backslash Path Traversal bypass in LocalFolderExtractor on Linux/Unix...
GHSA-J273-M5QQ-6825 Junrar has an arbitrary file write due to backslash Path Traversal bypass in LocalFolderExtractor on Linux/Unix
Summary A backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix. This can often lead to remote code execution e.g., overwriting...
Directory Traversal
Overview com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Directory Traversal via the LocalFolderExtractor component. An attacker can write arbitrary files with attacker-controlled content anywhere on the filesystem by...
CVE-2026-28208
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix...
CVE-2026-28208
Summary: Junrar is an open-source Java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on L...
CVE-2026-28208 Junrar has arbitrary file write due to backslash path traversal bypass in LocalFolderExtractor on Linux/Unix
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix...
CVE-2026-28208 Junrar has arbitrary file write due to backslash path traversal bypass in LocalFolderExtractor on Linux/Unix
Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content anywhere on the filesystem when a crafted RAR archive is extracted on Linux/Unix...
Junrar 路径遍历漏洞
Junrar is a standard Java Unrar library. It is used for reading and extracting .Rar files. Versions of Junrar prior to 7.5.8 had a path traversal vulnerability; this vulnerability stemmed from anti-slash path traversal in LocalFolderExtractor, which could lead to arbitrary file writing and remote...