Joran Herve

**Name of the Vulnerable Software and Affected Versions** okular versions prior to 18.08.1 **Description** The issue is related to a Directory Traversal vulnerability in the `unpackDocumentArchive(...)` function located in `core/document.cpp`. This can lead to Arbitrary file creation on the user workstation. The attack is exploitable when the victim opens a specially crafted Okular archive. **Recommendations** For okular versions prior to 18.08.1, update to version 18.08.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `unpackDocumentArchive(...)` function until a patch is available. Restrict access to specially crafted Okular archives to minimize the risk of exploitation.