VYPR
Medium severity5.5NVD Advisory· Published Aug 10, 2021· Updated Jun 17, 2026

CVE-2020-23172

CVE-2020-23172

Description

A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Kuba/Kubadescription
  • Kuba/zipllm-create

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.