Описание
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 1:1.27.2-2ubuntu3 |
| cosmic | released | 1:1.27.2-2ubuntu3 |
| devel | released | 1:1.27.2-2ubuntu3 |
| disco | released | 1:1.27.2-2ubuntu3 |
| eoan | released | 1:1.27.2-2ubuntu3 |
| esm-infra-legacy/trusty | not-affected | 1:1.21.0-1ubuntu1.4 |
| esm-infra/bionic | not-affected | 1:1.27.2-2ubuntu3 |
| esm-infra/focal | not-affected | 1:1.27.2-2ubuntu3 |
| esm-infra/xenial | not-affected | 1:1.22.0-15ubuntu1.4 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
Directory traversal vulnerability in the BusyBox implementation of tar ...
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
Уязвимость набора UNIX-утилит командной строки BusyBox, связанная с некорректным ограничением имени пути к каталогу, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5 Medium
CVSS2
7.5 High
CVSS3