OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Dependency-check | Owasp | * | 3.2.0 (excluding) |