Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archiver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0406
A flaw exists in the mholt/archiver package. This flaw allows an malicious user to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or app...
5.3
CVSSv3
CVE-2023-7216
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated malicious user to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directo...
Gnu Cpio -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
9.6
CVSSv3
CVE-2023-52138
Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution (RCE) on the target. While handling CPIO archives, the Engrampa Archive manager follows sym...
Mate-desktop Engrampa
4.7
CVSSv3
CVE-2023-36811
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an malicious user to fake archives and potentially indirectly cause backup data loss in the repository. The a...
Borgbackup Borg
7.8
CVSSv3
CVE-2023-30577
AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
Zmanda Amanda
9.8
CVSSv3
CVE-2023-37460
Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly ...
Codehaus-plexus Plexus-archiver
9.1
CVSSv3
CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
Cloudfoundry Archiver
9.8
CVSSv3
CVE-2021-29281
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.
Gfi Archiver
5.5
CVSSv3
CVE-2022-0529
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
5.5
CVSSv3
CVE-2022-0530
A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an malicious user to input a specially crafted zip file, leading to a crash or code execution.
Unzip Project Unzip 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Macos
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »