CVE-2024-57966

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-57966
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57966.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-57966
Related
Published
2025-02-03T05:15:10Z
Modified
2025-02-09T06:48:14.074646Z
Summary
[none]
Details

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.

References

Affected packages

Debian:11 / ark

Package

Name
ark
Purl
pkg:deb/debian/ark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:20.12.2-1+deb11u1

Affected versions

4:20.*

4:20.12.2-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / ark

Package

Name
ark
Purl
pkg:deb/debian/ark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4:22.*

4:22.12.3-1

4:23.*

4:23.08.1-2
4:23.08.5-1

4:24.*

4:24.05.2-1
4:24.08.0-1
4:24.12.0-1
4:24.12.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / ark

Package

Name
ark
Purl
pkg:deb/debian/ark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:24.12.0-1

Affected versions

4:22.*

4:22.12.3-1

4:23.*

4:23.08.1-2
4:23.08.5-1

4:24.*

4:24.05.2-1
4:24.08.0-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/kde/ark

Affected ranges

Type
GIT
Repo
https://github.com/kde/ark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
fe518d81b338941e0bf1c5ce5e75a9ab6de4bb58

Affected versions

v1.*

v1.1.0

v14.*

v14.11.80
v14.11.90
v14.11.95
v14.11.97
v14.12.0
v14.12.1
v14.12.2

v15.*

v15.03.80
v15.03.90
v15.03.95
v15.03.97
v15.04.0
v15.04.1
v15.04.2
v15.07.80
v15.07.90
v15.08.0
v15.08.1
v15.08.2
v15.08.3
v15.11.80
v15.11.90
v15.12.0
v15.12.1
v15.12.2
v15.12.3

v16.*

v16.03.80
v16.03.90
v16.04.0
v16.04.1
v16.04.2
v16.04.3
v16.07.80
v16.07.90
v16.08.0
v16.08.1
v16.08.2
v16.11.80
v16.11.90
v16.12.0
v16.12.1
v16.12.2

v17.*

v17.03.80
v17.03.90
v17.04.0
v17.04.1
v17.04.2
v17.04.3
v17.07.80
v17.07.90
v17.08.0
v17.08.1
v17.08.2
v17.11.80
v17.11.90
v17.12.0
v17.12.1
v17.12.2
v17.12.3

v18.*

v18.03.80
v18.03.90
v18.04.0
v18.04.1
v18.04.2
v18.07.80
v18.07.90
v18.08.0
v18.08.1
v18.08.2
v18.11.80
v18.11.90
v18.12.0
v18.12.1
v18.12.2

v19.*

v19.03.80
v19.03.90
v19.04.0
v19.04.1
v19.04.2
v19.07.80
v19.07.90
v19.08.0
v19.08.1
v19.08.2
v19.11.80
v19.11.90
v19.12.0
v19.12.1
v19.12.2
v19.12.3

v2.*

v2.0.0
v2.1.0
v2.2.0

v20.*

v20.03.80
v20.03.90
v20.04.0
v20.04.1
v20.04.2
v20.04.3
v20.07.80
v20.07.90
v20.08.0
v20.11.80
v20.11.90
v20.12.0
v20.12.1

v21.*

v21.03.80
v21.03.90
v21.04.0
v21.04.1
v21.04.2
v21.04.3
v21.11.80
v21.11.90
v21.12.0
v21.12.1
v21.12.2

v22.*

v22.03.80
v22.04.0
v22.04.1
v22.04.2
v22.04.3
v22.07.80
v22.07.90
v22.08.0
v22.08.1

v24.*

v24.01.75
v24.01.80
v24.01.85
v24.01.90
v24.11.80
v24.11.90

v3.*

v3.0.0
v3.2.0
v3.3.0
v3.4.0
v3.4.0-beta1
v3.4.0-beta2
v3.4.90
v3.4.91
v3.80.2
v3.80.3
v3.90.1
v3.93
v3.94
v3.95
v3.96
v3.97

v4.*

v4.0.0
v4.0.71
v4.0.80
v4.0.83
v4.0.98
v4.1.80
v4.1.85
v4.1.96
v4.10.0
v4.10.1
v4.10.2
v4.10.3
v4.10.4
v4.10.5
v4.10.80
v4.10.90
v4.11.80
v4.11.90
v4.11.95
v4.11.97
v4.12.0
v4.12.1
v4.12.2
v4.12.3
v4.12.80
v4.12.90
v4.12.95
v4.12.97
v4.13.0
v4.13.1
v4.13.80
v4.13.90
v4.13.95
v4.13.97
v4.14.0
v4.14.1
v4.14.2
v4.14.3
v4.2.85
v4.2.90
v4.2.95
v4.3.80
v4.3.85
v4.3.90
v4.4.80
v4.4.85
v4.4.90
v4.5.80
v4.5.85
v4.5.90
v4.5.95
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.80
v4.6.90
v4.6.95
v4.7.80
v4.7.90
v4.7.95
v4.7.97
v4.8.0
v4.8.1
v4.8.2
v4.8.3
v4.8.4
v4.8.5
v4.8.80
v4.8.90
v4.8.95
v4.8.97
v4.9.0
v4.9.1
v4.9.2
v4.9.3
v4.9.4
v4.9.80
v4.9.90
v4.9.95
v4.9.97
v4.9.98