CVE-2019-16680

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16680

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16680.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16680

Related

Published

2019-09-21T21:15:10Z

Modified

2024-11-02T00:55:33.127804Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

References

Affected packages

Debian:11 / file-roller

Package

Name: file-roller
Purl: pkg:deb/debian/file-roller?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.30.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / file-roller

Package

Name: file-roller
Purl: pkg:deb/debian/file-roller?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.30.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / file-roller

Package

Name: file-roller
Purl: pkg:deb/debian/file-roller?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.30.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.gnome.org/GNOME/file-roller

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/file-roller
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

57268e51e59b61c9e3125eb0f65551c7084297e2

Fixed

e8fb3e24dae711e4fb0d6777e0016cdda8787bc1

Affected versions

3.*

3.0.1

3.0.2

3.1.1

3.1.2

3.1.90

3.1.91

3.1.92

3.10.0

3.10.1

3.11.1

3.11.2

3.11.3

3.11.4

3.11.5

3.11.90

3.11.91

3.11.92

3.12.0

3.12.1

3.13.1

3.13.2

3.13.91

3.13.92

3.14.0

3.14.1

3.15.1

3.15.2

3.15.90

3.15.91

3.15.92

3.16.0

3.16.1

3.16.2

3.16.3

3.16.4

3.19.1

3.19.90

3.19.91

3.2.0

3.2.1

3.20.0

3.20.1

3.20.2

3.21.90

3.21.91

3.22.0

3.22.1

3.22.2

3.22.3

3.23.91

3.23.92

3.24.0

3.24.1

3.25.1

3.25.91

3.26.0

3.26.1

3.27.1

3.27.90

3.27.91

3.28.0

3.29.1

3.29.90

3.3.1

3.3.2

3.3.3

3.3.90

3.3.91

3.3.92

3.4.0

3.4.1

3.4.2

3.5.1

3.5.2

3.5.3

3.5.4

3.5.90

3.5.91

3.5.92

3.6.0

3.6.1

3.6.1.1

3.6.2

3.7.1

3.7.2

3.7.3

3.7.90

3.7.91

3.7.92

3.8.0

3.8.1

3.9.1

3.9.2

3.9.3

3.9.4

3.9.90

3.9.91

3.9.92

Other

FILE_ROLLER_2_13_2

FILE_ROLLER_2_13_4

FILE_ROLLER_2_13_90

FILE_ROLLER_2_13_91

FILE_ROLLER_2_13_92

FILE_ROLLER_2_14_0

FILE_ROLLER_2_14_1

FILE_ROLLER_2_14_2

FILE_ROLLER_2_14_3

FILE_ROLLER_2_15_1

FILE_ROLLER_2_15_90

FILE_ROLLER_2_15_91

FILE_ROLLER_2_15_92

FILE_ROLLER_2_15_93

FILE_ROLLER_2_16_0

FILE_ROLLER_2_16_1

FILE_ROLLER_2_17_1

FILE_ROLLER_2_17_2

FILE_ROLLER_2_17_3

FILE_ROLLER_2_17_4

FILE_ROLLER_2_17_5

FILE_ROLLER_2_17_90

FILE_ROLLER_2_17_91

FILE_ROLLER_2_17_92

FILE_ROLLER_2_18_0

FILE_ROLLER_2_19_1

FILE_ROLLER_2_19_2

FILE_ROLLER_2_19_3

FILE_ROLLER_2_19_4

FILE_ROLLER_2_19_90

FILE_ROLLER_2_19_91

FILE_ROLLER_2_19_92

FILE_ROLLER_2_20_0

FILE_ROLLER_2_20_1

FILE_ROLLER_2_20_2

FILE_ROLLER_2_21_1

FILE_ROLLER_2_21_2

FILE_ROLLER_2_21_91

FILE_ROLLER_2_21_92

FILE_ROLLER_2_22_0

FILE_ROLLER_2_23_1

FILE_ROLLER_2_23_2

FILE_ROLLER_2_23_3

FILE_ROLLER_2_23_4

FILE_ROLLER_2_23_5

FILE_ROLLER_2_23_6

FILE_ROLLER_2_23_91

FILE_ROLLER_2_23_92

FILE_ROLLER_2_24_0

FILE_ROLLER_2_24_1

FILE_ROLLER_2_24_2

FILE_ROLLER_2_25_1

FILE_ROLLER_2_25_2

FILE_ROLLER_2_25_90

FILE_ROLLER_2_25_91

FILE_ROLLER_2_25_92

FILE_ROLLER_2_26_0

FILE_ROLLER_2_26_1

FILE_ROLLER_2_27_1

FILE_ROLLER_2_27_2

FILE_ROLLER_2_27_3

FILE_ROLLER_2_27_90

FILE_ROLLER_2_27_91

FILE_ROLLER_2_27_92

FILE_ROLLER_2_28_0

FILE_ROLLER_2_28_1

FILE_ROLLER_2_29_1

FILE_ROLLER_2_29_2

FILE_ROLLER_2_29_3

FILE_ROLLER_2_29_4

FILE_ROLLER_2_29_5

FILE_ROLLER_2_29_90

FILE_ROLLER_2_29_91

FILE_ROLLER_2_29_92

FILE_ROLLER_2_30_0

FILE_ROLLER_2_30_1

FILE_ROLLER_2_30_1_1

FILE_ROLLER_2_31_1

FILE_ROLLER_2_31_2

FILE_ROLLER_2_31_3

FILE_ROLLER_2_31_4

FILE_ROLLER_2_31_5

FILE_ROLLER_2_31_90

FILE_ROLLER_2_31_91

FILE_ROLLER_2_31_92

FILE_ROLLER_2_32_0

FILE_ROLLER_2_4_0_1

FILE_ROLLER_2_91_0

FILE_ROLLER_2_91_1

FILE_ROLLER_2_91_2

FILE_ROLLER_2_91_3

FILE_ROLLER_2_91_4

FILE_ROLLER_2_91_5

FILE_ROLLER_2_91_6

FILE_ROLLER_2_91_90

FILE_ROLLER_2_91_91

FILE_ROLLER_2_91_92

FILE_ROLLER_2_91_93

FILE_ROLLER_3_0_0

start