VDB
GCVE-110-MAGEIA-2019-5
GCVE-110-MAGEIA-2019-5
Advisory Published
A path traversal vulnerability has been discovered in plexus-archiver
when extracting a carefully crafted zip file which holds path traversal
file names. A remote attacker could use this vulnerability to write
files outside the target directory and overwrite existing files with
malicious code or vulnerable configurations (CVE-2018-1002200).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | qdigidoc4 | 0 (affected), 4.2.0-2.mga6 (unaffected) | — |
| Mageia | libdigidocpp | 0 (affected), 3.13.8-1.mga6 (unaffected) | — |
| Mageia | task-esteid | 0 (affected), 4.2.0-1.mga6 (unaffected) | — |
| Mageia | chrome-token-signing | 0 (affected), 1.0.8-1.mga6 (unaffected) | — |
| Mageia | plexus-archiver | 0 (affected), 0 (affected), 3.4-1.1.mga6 (unaffected), 3.4-1.1.mga6 (unaffected) | — |
References
Estonian ID software needs updating
advisory
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.