← Back

Arq

arq

Vendor: Haystacksoftware • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-16945
1Haystacksoftware
1Arq
Nov 21, 2024
Jan 31, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.
CVE-2017-16928
1Haystacksoftware
1Arq
Nov 21, 2024
Jan 31, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.