CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17828

Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.4%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.8

References

https://github.com/gdraheim/zziplib/issues/62
https://github.com/gdraheim/zziplib/issues/62

Products affected by CVE-2018-17828

Gdraheim » Zziplib » Version: 0.13.69

cpe:2.3:a:gdraheim:zziplib:0.13.69

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17828

Products

Pricing

Contact Us