VYPR
Vendor

Ark

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2021-26635HigJun 2, 2022
    risk 0.51cvss 7.8epss 0.01

    In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such…

  • CVE-2021-26623HigApr 1, 2022
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability due to incomplete check for 'xheader_decode_path_record' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function.

  • CVE-2021-26615HigNov 26, 2021
    risk 0.51cvss 7.8epss 0.01

    ARK library allows attackers to execute remote code via the parameter(path value) of Ark_NormalizeAndDupPAthNameW function because of an integer overflow.