CVE-2017-8314

Priority
Description
Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and
earlier allows arbitrary file write on disk via a Zip file as subtitles.
Notes
Package
Source: kodi (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (15.2+dfsg1-3ubuntu1.1)
More Information

Updated: 2020-01-29 20:00:03 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)