CVE-2018-12036

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS

Description

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

snyk/zip-slip-vulnerability
snyk/zip-slip-vulnerability
Zip Slip Vulnerability (Arbitrary file write through archive extraction)
GitHubGitHub
840
jeremylong/DependencyCheck
jeremylong/DependencyCheck
The dependency-check repository has moved:
GitHubGitHub
53