Vulnerabilities > Gnome > File Roller

DATE CVE VULNERABILITY TITLE RISK
2021-04-07 CVE-2020-36314 Link Following vulnerability in multiple products
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations.
local
low complexity
gnome fedoraproject CWE-59
3.9
3.9
2020-04-13 CVE-2020-11736 Link Following vulnerability in multiple products
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location.
local
low complexity
gnome debian canonical CWE-59
3.9
3.9
2019-09-21 CVE-2019-16680 Path Traversal vulnerability in multiple products
An issue was discovered in GNOME file-roller before 3.29.91.
network
low complexity
gnome redhat debian canonical CWE-22
4.3
4.3