Improper path allowed when extracting archive.(CVE-2022-37865)
Possible path traversal in download path (CVE-2022-37866)
- https://bugs.mageia.org/show_bug.cgi?id=31075
- https://www.openwall.com/lists/oss-security/2022/11/04/2
- https://www.openwall.com/lists/oss-security/2022/11/04/3
- https://www.cve.org/CVERecord?id=CVE-2022-37865
- https://www.cve.org/CVERecord?id=CVE-2022-37866
- 8/core/apache-ivy-2.5.0-1.1.mga8
Get the latest Linux and open source security news straight to your inbox.