Vulnerabilities (CVE)

Filtered by vendor Kde Subscribe
Filtered by product Ark
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5330 2 Fedoraproject, Kde 2 Fedora, Ark 2024-11-21 6.8 MEDIUM 7.8 HIGH
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
CVE-2011-2725 3 Canonical, Kde, Opensuse 4 Ubuntu Linux, Ark, Kde Sc and 1 more 2024-11-21 6.8 MEDIUM N/A
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
CVE-2020-24654 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-02-04 4.3 MEDIUM 3.3 LOW
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
CVE-2020-16116 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-02-04 4.3 MEDIUM 3.3 LOW
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.