​
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-24789

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2024-24789

Severity

5.5

Medium

CVSS V3

Description

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images