admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 10:18:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2020-7668: Adds affected software and versions in the description

Browse Source
This commit is contained in:
ggkitsas 2020-07-07 12:02:23 +01:00
parent 6434c765b7
commit d6114e7b90
No known key found for this signature in database
GPG Key ID: 94B316F4BEA97D6F
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/7xxx/CVE-2020-7668.json
View File

@ -58,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "The ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading \"..\". This allows an attacker to add or replace files system-wide."
"value": "In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading \"..\". This allows an attacker to add or replace files system-wide."
}
]
},