Pub (Dart) package
archive
pkg:pub/archive
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-39139 | — | < 3.3.8 | 3.3.8 | Aug 30, 2023 | An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file. | ||
| CVE-2023-39137 | — | < 3.3.8 | 3.3.8 | Aug 30, 2023 | An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing. |
- CVE-2023-39139Aug 30, 2023affected < 3.3.8fixed 3.3.8
An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.
- CVE-2023-39137Aug 30, 2023affected < 3.3.8fixed 3.3.8
An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing.