Filtered by vendor Ssziparchive Project Subscriptions
Filtered by product Ssziparchive Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36943 1 Ssziparchive Project 1 Ssziparchive 2024-11-21 8.1 High
SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item.