CVE-2020-14352HIGHCVSS 8.0fixed in 1.12.1ยทvlibrepo versions before 1.12.12020-08-30
CVE-2020-14352 [HIGH] CWE-22 CVE-2020-14352: A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in
cvelistv5nvd