Lucene search
Veracode Vulnerability DatabaseVERACODE:27765HistoryNov 05, 2020 - 3:09 a.m.
Arbitrary File Write
2020-11-0503:09:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.0005 Low
EPSS
Percentile
17.3%
file-roller is vulnerable to arbitrary file write. The vulnerability exists through a directory symlink pointing outside of the target directory.
| CPE | Name | Operator | Version |
|---|---|---|---|
| file-roller | eq | 3.28.1__1.el8 | |
| file-roller | eq | 3.28.1__2.el8 | |
| file-roller | eq | 3.28.1__1.el8 | |
| file-roller | eq | 3.28.1__2.el8 |
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
access.redhat.com/errata/RHSA-2020:4820
access.redhat.com/security/updates/classification/#moderate
gitlab.gnome.org/GNOME/file-roller/-/commit/21dfcdbfe258984db89fb65243a1a888924e45a0
lists.debian.org/debian-lts-announce/2020/04/msg00013.html
security.gentoo.org/glsa/202009-06
usn.ubuntu.com/4332-1/
usn.ubuntu.com/4332-2/
Related
openvas
openvas
Debian: Security Advisory (DLA-2180-1)
2020-04-18 00:00:00
Mageia: Security Advisory (MGASA-2020-0218)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1505-1)
2021-04-19 00:00:00
cve
cve
CVE-2020-11736
2020-04-13 19:15:11
CVE-2020-36314
2021-04-07 12:15:12
ubuntu
ubuntu
File Roller vulnerability
2020-04-20 00:00:00
File Roller vulnerability
2020-04-27 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : file-roller (EulerOS-SA-2020-2244)
2020-10-30 00:00:00
Ubuntu 20.04 LTS : File Roller vulnerability (USN-4332-2)
2020-04-28 00:00:00
SUSE SLES12 Security Update : file-roller (SUSE-SU-2020:1505-1)
2020-06-17 00:00:00
mageia
mageia
Updated file-roller packages fix security vulnerability
2020-05-24 21:04:47
Updated file-roller packages fix security vulnerability
2021-07-04 05:13:55
cvelist
cvelist
CVE-2020-11736
2020-04-13 18:39:26
CVE-2020-36314
2021-04-07 11:07:40
ubuntucve
ubuntucve
CVE-2020-11736
2020-04-13 00:00:00
CVE-2020-36314
2021-04-07 00:00:00
prion
prion
Directory traversal
2020-04-13 19:15:00
Directory traversal
2021-04-07 12:15:00
osv
osv
CVE-2020-11736
2020-04-13 19:15:11
file-roller - security update
2020-04-18 00:00:00
Low: file-roller security update
2021-11-09 08:32:50
nvd
nvd
CVE-2020-11736
2020-04-13 19:15:11
CVE-2020-36314
2021-04-07 12:15:12
debiancve
debiancve
CVE-2020-11736
2020-04-13 19:15:11
CVE-2020-36314
2021-04-07 12:15:12
gentoo
gentoo
GNOME File Roller: Directory traversal
2020-09-13 00:00:00
redhatcve
redhatcve
CVE-2020-11736
2020-04-16 19:33:38
CVE-2020-36314
2021-04-08 17:15:52
debian
debian
[SECURITY] [DLA 2180-1] file-roller security update
2020-04-17 23:52:34
redhat
redhat
(RHSA-2021:4179) Low: file-roller security update
2021-11-09 08:32:50
(RHSA-2020:4820) Moderate: file-roller security update
2020-11-03 12:38:46
almalinux
almalinux
Moderate: file-roller security update
2020-11-03 12:38:46
Low: file-roller security update
2021-11-09 08:32:50
rocky
rocky
file-roller security update
2020-11-03 12:38:46
file-roller security update
2021-11-09 08:32:50
veracode
veracode
Directory Traversal
2021-04-14 02:27:30
suse
suse
Security update for file-roller (low)
2020-06-18 00:00:00
oraclelinux
oraclelinux
file-roller security update
2020-11-10 00:00:00
alpinelinux
alpinelinux
CVE-2020-36314
2021-04-07 12:15:12
rosalinux
rosalinux
Advisory ROSA-SA-2021-1834
2021-07-02 16:40:34