ALT-PU-2020-1779-1

Package update file-roller in branch sisyphus

Version3.36.2-alt1

Published2020-04-20

Max severityLOW

Severity:

Closed issues (2)

LOW3.9

Уязвимость компонента fr-archive-libarchive.c программы-архиватора File Roller, позволяющая нарушителю оказать воздействие на целостность и доступность защищаемой информации

Published: 2021-03-15Modified: 2023-11-21

CVSS 3.xLOW 3.9

CVSS:3.x/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CVSS 2.0LOW 3.2

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:P/A:P

References

CVE-2020-11736

LOW3.9

fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.

Published: 2020-04-13Modified: 2024-11-21

CVSS 2.0LOW 3.3

CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:P/A:P

CVSS 3.xLOW 3.9

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

References