FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8f5c9dd6-5cac-11e5-9ad8-14dae9d210b8p7zip -- directory traversal vulnerability

Alexander Cherepanov reports:

7z (and 7zr) is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.


Discovery 2015-01-05
Entry 2015-09-16
p7zip
< 9.38.1_2

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774660
http://www.openwall.com/lists/oss-security/2015/01/11/2
http://sourceforge.net/p/p7zip/bugs/147/
CVE-2015-1038