VDB
GCVE-110-MAGEIA-2021-111
GCVE-110-MAGEIA-2021-111
Advisory Published
Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of
the intended directory. If a user were tricked into extracting a specially
crafted archive, a remote attacker could create files in arbitrary locations,
possibly leading to code execution (CVE-2020-36241).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gnome-autoar | 0.2.4-2.1.mga8 (unaffected), 0 (affected), 0.2.4-2.1.mga8 (unaffected), 0 (affected) | — |
| Mageia | python-sphinx-math-dollar | 1.2-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | gnome-autoar | 0 (affected), 0.2.3-2.1.mga7 (unaffected), 0 (affected), 0.2.3-2.1.mga7 (unaffected) | — |
| Mageia | python-sympy | 0 (affected), 1.7.1-1.mga8 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.