CVE-2019-16892

CVE-2019-16892

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption).

Source: CVE-2019-16892

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다