CVE-2019-9195

Published February 26th, 2019

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.

mimblewimble/grin

Minimal implementation of the Mimblewimble protocol.

GitHub

5.09K