libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.
{
"cwe_ids": [
"CWE-36"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57966.json",
"cna_assigner": "mitre"
}