Kde: >> Ark >> 14.12.0 Security Vulnerabilities
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
CVSS Score
3.3
EPSS Score
0.003
Published
2020-09-02
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
CVSS Score
3.3
EPSS Score
0.003
Published
2020-08-03
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
CVSS Score
7.8
EPSS Score
0.012
Published
2017-03-27