Plexus Archiver Component is vulnerable to zip-slip vulnerability. The vulnerability exists when the attacker inputs a malicious zip archive with filenames including file traversal characters such as dot dot (..
), leading to concatenation of file path locating outside of the destination folder.
CPE | Name | Operator | Version |
---|---|---|---|
plexus archiver component | le | 2.4.4 | |
plexus archiver component | le | 3.5 |