K64709522: Multiple Zip Slip vulnerabilities

Security Advisory Description CVE-2018-1002200 plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Debian: Security Advisory (DLA-1564-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1564-1 : mono security update

It was found that Monos string-to-double parser may crash, on specially crafted input. This could lead to arbitrary code execution. CVE-2018-1002208: Mono embeds the sharplibzip library which is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot...

[SECURITY] [DLA 1564-1] mono security update

Package : mono Version : 3.2.8+dfsg-10+deb8u1 CVE ID : CVE-2009-0689 It was found that Mono’s string-to-double parser may crash, on specially crafted input. This could lead to arbitrary code execution. CVE-2018-1002208: Mono embeds the sharplibzip library which is vulnerable to directory traversa...

sharplibzip directory traversal vulnerability

sharplibzip is a library for compression/decompression. A directory traversal vulnerability exists in sharplibzip versions prior to 1.0 RC1. The vulnerability can be exploited to write arbitrary files using a specially crafted zip archive with a directory traversal name...