CVE-2015-2304

Опубликовано: 16 янв. 2015

Источник: redhat

CVSS2: 2.6

Описание

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

Отчет

Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libarchive	Will not fix
Red Hat Enterprise Linux 7	libarchive	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-22

https://bugzilla.redhat.com/show_bug.cgi?id=1192482libarchive: directory traversal in bsdcpio

2.6 Low

CVSS2

Связанные уязвимости

CVE-2015-2304

ubuntu

почти 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

CVE-2015-2304

nvd

почти 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

CVE-2015-2304

debian

почти 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 a ...

GHSA-fg4c-3cxq-4rf3

github

больше 3 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

SUSE-SU-2015:0667-1

suse-cvrf

почти 11 лет назад

Security update for libarchive

2.6 Low

CVSS2