OESA-2025-1132
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1132
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1132.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2025-1132
- Upstream
- Published
- 2025-02-14T12:13:09Z
- Modified
- 2025-09-03T06:20:42.080127Z
- Summary
- ark security update
- Details
-
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha (if appropriate command-line programs are installed).
Security Fix(es):
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.(CVE-2024-57966)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:22.03-LTS-SP4 / ark
Package
- Name
- ark
- Purl
- pkg:rpm/openEuler/ark&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed22.08.3-2.oe2203sp4
Ecosystem specific
{
"x86_64": [
"ark-22.08.3-2.oe2203sp4.x86_64.rpm",
"ark-debuginfo-22.08.3-2.oe2203sp4.x86_64.rpm",
"ark-debugsource-22.08.3-2.oe2203sp4.x86_64.rpm",
"ark-libs-22.08.3-2.oe2203sp4.x86_64.rpm"
],
"aarch64": [
"ark-22.08.3-2.oe2203sp4.aarch64.rpm",
"ark-debuginfo-22.08.3-2.oe2203sp4.aarch64.rpm",
"ark-debugsource-22.08.3-2.oe2203sp4.aarch64.rpm",
"ark-libs-22.08.3-2.oe2203sp4.aarch64.rpm"
],
"src": [
"ark-22.08.3-2.oe2203sp4.src.rpm"
]
}