Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35045
HistoryApr 10, 2022 - 10:49 p.m.

Arbitrary File Write

2022-04-1022:49:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
libarchive vulnerability
arbitrary file write
improper link resolution
access control lists
local attacker

EPSS

0.001

Percentile

25.2%

libarchive is vulnerable to arbitrary file write. An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.