5 matches found
CVE-2024-27876
A race condition was addressed with improved locking. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files...
GLSA-202405-19 : xar: Unsafe Extraction
The remote host is affected by the vulnerability described in GLSA-202405-19 xar: Unsafe Extraction - This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. CVE-2021-30833...
CVE-2021-30833
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files...
CVE-2020-8570 Kubernetes Java client libraries unvalidated path traversal in Copy implementation
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process...
Updated ark packages fix security vulnerability
A maliciously crafted archive with "../" in the file paths would install files anywhere in the user's home directory upon extraction CVE-2020-16116...