Описание
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.11+dfsg-4.1ubuntu1 |
| esm-infra-legacy/trusty | released | 2.11+dfsg-1ubuntu1.2 |
| esm-infra/xenial | not-affected | 2.11+dfsg-4.1ubuntu1 |
| lucid | ignored | end of life |
| precise | released | 2.11-7ubuntu3.2 |
| precise/esm | not-affected | 2.11-7ubuntu3.2 |
| trusty | released | 2.11+dfsg-1ubuntu1.2 |
| trusty/esm | released | 2.11+dfsg-1ubuntu1.2 |
| upstream | released | 2.11+dfsg-4.1 |
| utopic | ignored | end of life |
Показывать по
EPSS
1.9 Low
CVSS2
Связанные уязвимости
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
cpio 2.11, when using the --no-absolute-filenames option, allows local ...
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
EPSS
1.9 Low
CVSS2