Vulnerabilities (CVE)

Filtered by vendor Ssziparchive Project Subscribe
Filtered by product Ssziparchive
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36943 1 Ssziparchive Project 1 Ssziparchive 2024-02-28 N/A 8.1 HIGH
SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item.