Gentoo Linux Security Advisory 202101-6 - Ark was found to allow arbitrary file overwrite, possibly allowing arbitrary code execution. Versions less than 20.04.3-r2 are affected.
9d496c7e003aa2fdaf3c8ccad12931b88f256343a8b6927b362b1c36119c50e5
Gentoo Linux Security Advisory 202010-6 - Ark was found to allow arbitrary file overwrite, possibly allowing arbitrary code execution. Versions less than 20.04.3-r2 are affected.
7ce6012167204b1164242785146d2c17eabd6ae521889185777f34b6f57ce3c1
Debian Linux Security Advisory 4759-1 - Fabian Vogt reported that the Ark archive manager did not sanitise extraction paths, which could result in maliciously crafted archives with symlinks writing outside the extraction directory.
e952c13ded54efaf8d191ee6b8dbf6989ef4ccc147b6b43789a9e7bfcf70434d
Ubuntu Security Notice 4482-1 - Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.
9029a5b793714659d03b99eb0827fce84ae857f119c368cca2e3fd5aa483184a