Lucene search
K

4 matches found

OSV
OSV
added 2022/01/31 11:15 a.m.4 views

UBUNTU-CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

9.8CVSS5.8AI score0.01094EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/01/31 11:15 a.m.38 views

CVE-2021-23520

The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in juceZipFile.cpp. This vulnerability is triggered when the archive is extracted upon calling uncompressTo on a ZipFile object...

9.8CVSS7.2AI score0.01094EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/01/31 10:50 a.m.20 views

CVE-2021-23521

This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When extracted, the symbolic link is followed outside of the target dir allowing writing arbitrary files on the target host. In...

7.8CVSS7.8AI score0.00544EPSS
Exploits1
CNNVD
CNNVD
added 2022/01/31 12:0 a.m.4 views

Raw Material Software Juce 路径遍历漏洞

Raw Material Software Juce is an open source cross-platform C++ application framework from Raw Material Software, UK. Used to create high quality desktop and mobile applications including Vst, Vst3, Au, Auv3, Rtas and Aax audio plugins. A path traversal vulnerability exists in Raw Material Softwa...

9.8CVSS8.3AI score0.01094EPSS
Exploits1References4
Rows per page
Query Builder