Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2021-40153

Опубликовано: 20 янв. 2022
Источник: msrc
CVSS3: 8.1
EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 65%
0.00496
Низкий

8.1 High

CVSS3

Связанные уязвимости

CVSS3: 8.1
ubuntu
почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
redhat
почти 6 лет назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
nvd
почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
debian
почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the file ...

CVSS3: 8.1
github
около 3 лет назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

EPSS

Процентиль: 65%
0.00496
Низкий

8.1 High

CVSS3