Vulnerabilities > Cabextract > Cabextract > 0.3

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-29	CVE-2015-2060	Path Traversal vulnerability in Cabextract cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. network low complexity cabextract linux CWE-22	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.