Flightcrew Project Flightcrew vulnerabilities
3 known vulnerabilities affecting flightcrew_project/flightcrew.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-14452HIGHCVSS 7.5≥ 0.9.22019-07-31
CVE-2019-14452 [HIGH] CWE-22 CVE-2019-14452: Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary fi
Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
nvd
CVE-2019-13241HIGHCVSS 7.8≤ 0.9.22019-07-04
CVE-2019-13241 [HIGH] CWE-22 CVE-2019-13241: FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arb
FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
nvdosv
CVE-2019-13032MEDIUMCVSS 5.5≤ 0.9.22019-06-28
CVE-2019-13032 [MEDIUM] CWE-476 CVE-2019-13032: An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL pointer dereference occurs in GetRe
An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL pointer dereference occurs in GetRelativePathToNcx() or GetRelativePathsToXhtmlDocuments() when a NULL pointer is passed to xc::XMLUri::isValidURI(). This affects third-party software (not Sigil) that uses FlightCrew as a library.
nvdosv