4 matches found
archive-tar-minitar and minitar vulnerable to Path Traversal
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...
CVE-2016-10173
CVE-2016-10173 is a directory traversal vulnerability in Ruby gems minitar (before 0.6) and archive-tar-minitar (before 0.5.2). The flaw allows a remote attacker to write arbitrary files by crafting a TAR archive entry containing a path with "..". Public references across NVD, CNVD, GitHub adviso...
CVE-2016-10173
Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...