Medium severity5.5NVD Advisory· Published Aug 10, 2021· Updated Jun 17, 2026
CVE-2020-23172
CVE-2020-23172
Description
A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Kuba/Kubadescription
Patches
Vulnerability mechanics
References
1- github.com/kuba--/zip/issues/123nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.