In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
ark
Vendor: kde
Actively Exploited (CISA KEV List): 0
PoC / Exploits (Code Available): 0
Total RCEs (Remote Access): 1
Total CVEs (Total Indexed): 21
Avg. EPSS (Exploit Prob.): 0.64%
Security Vulnerability Index
CVSS: 3.3
Severity: LOW
CVSS: 3.3
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
Severity: LOW
CVSS: 7.8
CVE-2017-5330
RCE
Ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
Severity: HIGH
CVSS: 6.8
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.
Severity: MEDIUM