Описание
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.7.3-1 |
| esm-infra-legacy/trusty | released | 2.7.1-4ubuntu2.3 |
| lucid | not-affected | 2.6-2ubuntu1 |
| precise | not-affected | 2.6.1-3 |
| trusty | released | 2.7.1-4ubuntu2.3 |
| trusty/esm | released | 2.7.1-4ubuntu2.3 |
| upstream | released | 2.7.3-1 |
| utopic | released | 2.7.1-5ubuntu0.3 |
| vivid | released | 2.7.3-1 |
Показывать по
EPSS
7.8 High
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Directory traversal vulnerability in GNU patch versions which support ...
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Уязвимость компонента, поддерживаемого Git-style, программной Unix-утилиты GNU Patch операционных систем Ubuntu, Fedora, позволяющая нарушителю изменять произвольные файлы
EPSS
7.8 High
CVSS2
7.5 High
CVSS3