Directory Traversal Vulnerability in KDE Ark Releases
CVE-2020-16116

3.3LOW

Key Information:

Vendor: Kde
Status: Ark
Vendor: CVE Published:; 3 August 2020

What is CVE-2020-16116?

A vulnerability exists in KDE Ark, where a specially crafted archive can manipulate the extraction process, allowing malicious files to be installed outside the intended extraction directory. This issue, found in jobs.cpp, makes it possible for attackers to exploit the program's directory traversal capabilities, potentially compromising system integrity by placing files in unauthorized locations. Users are advised to update to version 20.08.0 or newer to mitigate this risk.