A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.
History

Fri, 10 Jan 2025 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-04-06T16:11:02.643Z

Updated: 2025-01-10T22:21:58.487Z

Reserved: 2024-01-10T18:18:28.288Z

Link: CVE-2024-0406

cve-icon Vulnrichment

Updated: 2024-08-01T18:04:49.645Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-06T17:15:07.127

Modified: 2024-11-21T08:46:30.900

Link: CVE-2024-0406

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-31T00:00:00Z

Links: CVE-2024-0406 - Bugzilla