CVE-2020-16116

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-16116
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-16116.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-16116
Downstream
Related
Published
2020-08-03T20:15:13.980Z
Modified
2026-04-02T04:10:01.144249Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

References

Affected packages

Git / github.com/kde/ark

Affected ranges

Type
GIT
Repo
https://github.com/kde/ark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6104ad1c17dba322915e402f20c51bc6854b1d2b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
21bd9ee7ec37e5d489ed9a2e6b2c1f056f3a73d8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8454fdc6a5b18341035987a8b13b79dc77ee9913
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "20.08.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "18.04"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "20.04"
        }
    ]
}

Affected versions

v1.*
v1.1.0
v1.1.1
v1.1.2
v14.*
v14.11.80
v14.11.90
v14.11.95
v14.11.97
v14.12.0
v14.12.1
v14.12.2
v14.12.3
v15.*
v15.03.80
v15.03.90
v15.03.95
v15.03.97
v15.04.0
v15.04.1
v15.04.2
v15.04.3
v15.07.80
v15.07.90
v15.08.0
v15.08.1
v15.08.2
v15.08.3
v15.11.80
v15.11.90
v15.12.0
v15.12.1
v15.12.2
v15.12.3
v16.*
v16.03.80
v16.03.90
v16.04.0
v16.04.1
v16.04.2
v16.04.3
v16.07.80
v16.07.90
v16.08.0
v16.08.1
v16.08.2
v16.08.3
v16.11.80
v16.11.90
v16.12.0
v16.12.1
v16.12.2
v16.12.3
v17.*
v17.03.80
v17.03.90
v17.04.0
v17.04.1
v17.04.2
v17.04.3
v17.07.80
v17.07.90
v17.08.0
v17.08.1
v17.08.2
v17.08.3
v17.11.80
v17.11.90
v17.12.0
v17.12.1
v17.12.2
v17.12.3
v18.*
v18.03.80
v18.03.90
v18.04.0
v2.*
v2.0.0
v2.0.1
v2.1.0
v2.1.1
v2.2.0
v2.2.1
v2.2.2
v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.5a
v3.1.0
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.3.0
v3.3.1
v3.3.2
v3.4.0
v3.4.0-beta1
v3.4.0-beta2
v3.4.1
v3.4.2
v3.4.3
v3.4.90
v3.4.91
v3.4.92
v3.5.0
v3.5.1
v3.5.10
v3.5.2
v3.5.3
v3.5.4
v3.5.5
v3.5.6
v3.5.7
v3.5.8
v3.5.9
v3.80.2
v3.80.3
v3.90.1
v3.91
v3.93
v3.94
v3.95
v3.96
v3.97
v4.*
v4.0.0
v4.0.1
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.71
v4.0.80
v4.0.83
v4.0.98
v4.1.0
v4.1.1
v4.1.2
v4.1.3
v4.1.4
v4.1.80
v4.1.85
v4.1.96
v4.10.0
v4.10.1
v4.10.2
v4.10.3
v4.10.4
v4.10.5
v4.10.80
v4.10.90
v4.10.95
v4.10.97
v4.11.0
v4.11.1
v4.11.2
v4.11.3
v4.11.4
v4.11.5
v4.11.80
v4.11.90
v4.11.95
v4.11.97
v4.12.0
v4.12.1
v4.12.2
v4.12.3
v4.12.4
v4.12.5
v4.12.80
v4.12.90
v4.12.95
v4.12.97
v4.13.0
v4.13.1
v4.13.2
v4.13.3
v4.13.80
v4.13.90
v4.13.95
v4.13.97
v4.14.0
v4.14.1
v4.14.2
v4.14.3
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.85
v4.2.90
v4.2.95
v4.2.96
v4.2.98
v4.3.0
v4.3.1
v4.3.2
v4.3.3
v4.3.4
v4.3.5
v4.3.80
v4.3.85
v4.3.90
v4.3.95
v4.3.98
v4.4.0
v4.4.1
v4.4.2
v4.4.3
v4.4.4
v4.4.5
v4.4.80
v4.4.85
v4.4.90
v4.4.92
v4.4.95
v4.5.0
v4.5.1
v4.5.2
v4.5.3
v4.5.3-test
v4.5.4
v4.5.5
v4.5.80
v4.5.85
v4.5.90
v4.5.95
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.4
v4.6.5
v4.6.80
v4.6.90
v4.6.95
v4.7.0
v4.7.1
v4.7.2
v4.7.3
v4.7.4
v4.7.80
v4.7.90
v4.7.95
v4.7.97
v4.8.0
v4.8.1
v4.8.2
v4.8.3
v4.8.4
v4.8.5
v4.8.80
v4.8.90
v4.8.95
v4.8.97
v4.9.0
v4.9.1
v4.9.2
v4.9.3
v4.9.4
v4.9.5
v4.9.80
v4.9.90
v4.9.95
v4.9.97
v4.9.98

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-16116.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "31"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "32"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.2"
            }
        ]
    }
]