An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-21T20:33:21
Updated: 2024-08-05T01:17:41.208Z
Reserved: 2019-09-21T00:00:00
Link: CVE-2019-16680
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-21T21:15:10.657
Modified: 2019-12-20T17:23:32.290
Link: CVE-2019-16680
Redhat