VulnerableCode Package Details - pkg:deb/ubuntu/poco@1.8.0.1-1ubuntu4

Search for packages

Package details: pkg:deb/ubuntu/poco@1.8.0.1-1ubuntu4

Essentials
History (0)

purl	pkg:deb/ubuntu/poco@1.8.0.1-1ubuntu4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-cnxn-7fzn-aaap	The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary files, via a crafted ZIP file, related to a "file path injection vulnerability".	CVE-2017-1000472

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version