Skip to main content
CVE-2020-24654 LOW PATCH Monitor

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Ark Ubuntu Linux Debian Linux Fedora +1
NVD GitHub
CVSS 3.1
3.3
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy