MidnightBSD

Advisories for minizip_project

CVE-2014-9485 MEDIUM

Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
zlib-ng minizip-ng *
minizip_project minizip *