File-roller Security Vulnerabilities and Issues — File-roller CVE List

Lucene search

GnomeFile-roller

3 matches found

cve•added 2020/04/13 7:15 p.m.•255 views

CVE-2020-11736

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.

3.9CVSS4AI score0.00062EPSS

cve•added 2019/09/21 9:15 p.m.•244 views

CVE-2019-16680

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

4.3CVSS4.3AI score0.0137EPSS

cve•added 2021/04/07 12:15 p.m.•118 views

CVE-2020-36314

fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix f...

3.9CVSS4.2AI score0.00198EPSS