CVE-2018-17828

Description

Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.

References

https://github.com/gdraheim/zziplib/issues/62

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3