VYPR

rpm package

opensuse/file-roller&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/file-roller&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2020-36314Apr 7, 2021
    affected < 3.40.0-3.2fixed 3.40.0-3.2

    fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of

  • CVE-2020-11736Apr 13, 2020
    affected < 3.40.0-3.2fixed 3.40.0-3.2

    fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.