PT-2021-10850 · Kuba · Kuba

Jiahao42 · Published 2021-08-10 · Updated 2021-08-17 · CVE-2020-23172

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions

Kuba, all versions

Description

A vulnerability allows attackers to overwrite arbitrary files in arbitrary directories with crafted ZIP files due to improper validation of file paths in .zip archives.

Recommendations

For all versions, consider restricting the handling of .zip archives until a proper fix is applied, and ensure that file paths are properly validated to prevent arbitrary file overwrites.

Exploit

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2020-23172

Affected Products

Kuba