zziplib is vulnerable to arbitrary file writes. The library does not properly sanitize file paths, allowing a malicious user to overwrite arbitrary files on the system by supplying a zip file whose file paths contain `..`.
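
A check that an extractor can apply to every entry name before writing to disk, given here as an added example (not zziplib code and not part of the original advisory). The function name `entry_name_is_safe` and the sample names are hypothetical, and the policy is deliberately conservative: any `..` component is rejected.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Both separators are checked: archives built on Windows may use '\\'. */
static int is_sep(char c) { return c == '/' || c == '\\'; }

/* Hypothetical helper (not a zziplib API). Returns 1 if the entry name can
 * be joined to an extraction directory without leaving it, 0 otherwise. */
int entry_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return 0;
    if (is_sep(name[0]))                 /* absolute path or UNC prefix */
        return 0;
    if (isalpha((unsigned char)name[0]) && name[1] == ':')
        return 0;                        /* drive-qualified path */

    const char *p = name;
    while (*p != '\0') {
        const char *start = p;
        while (*p != '\0' && !is_sep(*p))
            p++;
        size_t len = (size_t)(p - start);
        /* Reject a component that is exactly "..": "..x" and "x.." are
         * ordinary file names and are allowed. */
        if (len == 2 && start[0] == '.' && start[1] == '.')
            return 0;
        while (is_sep(*p))               /* skip one or more separators */
            p++;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample entry names, not taken from a real archive. */
    const char *samples[] = { "docs/readme.txt", "../../etc/passwd",
                              "a/../../b", "/etc/passwd", "..hidden/file" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s %s\n", samples[i],
               entry_name_is_safe(samples[i]) ? "extract" : "reject");
    return 0;
}
```

Entries that fail the check should be skipped or abort the extraction rather than being rewritten into a "cleaned" path.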
CPE Name | Operator | Version |
---|---|---|
zziplib | eq | 0.13.62 |
zziplib | eq | 0.13.62__9.el7 |
zziplib | eq | 0.13.62__11.el7 |
zziplib | eq | 0.13.68__7.el8 |