CVE 2022-30333
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/
Related bugs and status
CVE-2022-30333 (Candidate) is related to these bugs:
Bug #1975722: unrar has an open security bug
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1975722 | unrar has an open security bug | unrar-nonfree (Ubuntu) | Undecided | Confirmed |
Bug #2046581: clamav considers itself OUTDATED, please provide context why this often is not a problem
Bug #2070259: CVE-2022-30333
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2070259 | CVE-2022-30333 | unrar-nonfree (Ubuntu) | Undecided | New |
See the
CVE page on Mitre.org
for more details.