CVE-2024-13941 ouch-org ouch zip.rs convert_zip_date_time memory corruption

A vulnerability was found in ouch-org ouch up to 0.3.1. It has been classified as critical. This affects the function ouch::archive::zip::convertzipdatetime of the file zip.rs. The manipulation of the argument month leads to memory corruption. The attack needs to be approached locally. The exploi...

CVE-2019-9195

util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive...