AVG-1216 log
| Package | ark |
| Status | Fixed |
| Severity | High |
| Type | arbitrary filesystem access |
| Affected | 20.08.0-1 |
| Fixed | 20.08.0-2 |
| Current | 25.08.3-1 [extra] |
| Ticket | None |
| Created | Thu Sep 3 17:34:02 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-24654 | High | No | Arbitrary filesystem access | In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 03 Sep 2020 | ASA-202009-2 | ark | arbitrary filesystem access |