VDB

GCVE-110-MAGEIA-2019-5

GCVE-110-MAGEIA-2019-5
Advisory Published
Vulnetix · Advisory published January 5, 2019
A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or vulnerable configurations (CVE-2018-1002200).

Affected Products

VendorProductVersionsPlatforms
Mageiaqdigidoc40 (affected), 4.2.0-2.mga6 (unaffected)
Mageialibdigidocpp0 (affected), 3.13.8-1.mga6 (unaffected)
Mageiatask-esteid0 (affected), 4.2.0-1.mga6 (unaffected)
Mageiachrome-token-signing0 (affected), 1.0.8-1.mga6 (unaffected)
Mageiaplexus-archiver0 (affected), 0 (affected), 3.4-1.1.mga6 (unaffected), 3.4-1.1.mga6 (unaffected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›