DSA-4083-1 poco -- poco| ID: oval:org.secpod.oval:def:603233 | Date: (C)2018-02-05 (M)2023-04-19 |
| Class: PATCH | Family: unix |
Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.
| Platform: |
| Debian 8.x |
| Debian 9.x |
| Product: |
| libpoconetssl46 |
| libpocozip46 |
| libpoco-dev |
| libpocodatamysql46 |
| libpocomongodb46 |
| libpocoxml46 |
| libpocoutil46 |
| libpocodatasqlite46 |
| libpococrypto46 |
| libpoconet46 |
| libpocodataodbc46 |
| libpocofoundation46 |
| libpocodata46 |
