Skip to content

Commit 2d02710

Browse files
author
RubySec CI
committed
Updated advisory posts against rubysec/ruby-advisory-db@c40084b 
1 parent 67e13b9 commit 2d02710

File tree

1 file changed

+23
-0
lines changed

1 file changed

+23
-0
lines changed

advisories/_posts/2016-08-22-CVE-2016-10173.md

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
---
2+
layout: advisory
3+
title: 'CVE-2016-10173 (minitar): Minitar Directory Traversal Vulnerability'
4+
comments: false
5+
categories:
6+
- minitar
7+
advisory:
8+
gem: minitar
9+
cve: 2016-10173
10+
url: https://github.com/halostatue/minitar/issues/16
11+
title: Minitar Directory Traversal Vulnerability
12+
date: 2016-08-22
13+
description: |
14+
Minitar allows attackers to overwrite arbitrary files during archive
15+
extraction via a .. (dot dot) in an extracted filename. Analogous
16+
vulnerabilities for unzip and tar:
17+
https://www.cvedetails.com/cve/CVE-2001-1268/ and
18+
http://www.cvedetails.com/cve/CVE-2001-1267/
19+
20+
Credit: ecneladis
21+
patched_versions:
22+
- ">= 0.60"
23+
---

0 commit comments

Comments
 (0)