mat2 (aka metadata anonymisation toolkit) prior to 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
0xacab mat2 |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |