CVE-2010-4226

Опубликовано: 06 фев. 2014

Источник: nvd

CVSS3: 7.2

CVSS2: 5

EPSS Низкий

Описание

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnu:cpio:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:2007.05.10:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:2010.07.28:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00568

Низкий

7.2 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-59

Связанные уязвимости

CVE-2010-4226

CVSS3: 7.2

msrc

4 месяца назад

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.

GHSA-mwc7-wm76-6x7w

CVSS3: 7.2

github

больше 3 лет назад

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.

openSUSE-SU-2017:3259-1

suse-cvrf

около 8 лет назад

Security update for the OBS toolchain

SUSE-SU-2017:3253-1

suse-cvrf

около 8 лет назад

Fixing security issues on OBS toolchain

EPSS

Процентиль: 68%

0.00568

Низкий

7.2 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-59