Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-23171 - log back

CVE-2020-23171 edited at 10 Aug 2021 16:31:00

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Directory traversal

Description

+	A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file.

References

+	https://github.com/nim-lang/zip/issues/54

Notes

CVE-2020-23171 created at 10 Aug 2021 16:30:29