CVE-2015-2304

Опубликовано: 15 мар. 2015

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.4

Описание

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

Релиз	Статус	Примечание
devel	not-affected	3.1.2-11
esm-infra-legacy/trusty	released	3.1.2-7ubuntu2.1
lucid	ignored	end of life
precise	released	3.0.3-6ubuntu1.1
trusty	released	3.1.2-7ubuntu2.1
trusty/esm	released	3.1.2-7ubuntu2.1
upstream	released	3.1.2-11
utopic	released	3.1.2-9ubuntu0.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%

0.03517

Низкий

6.4 Medium

CVSS2

Связанные уязвимости

CVE-2015-2304

redhat

около 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

CVE-2015-2304

nvd

почти 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

CVE-2015-2304

debian

почти 11 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 a ...

GHSA-fg4c-3cxq-4rf3

github

больше 3 лет назад

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

SUSE-SU-2015:0667-1

suse-cvrf

почти 11 лет назад

Security update for libarchive

EPSS

Процентиль: 87%

0.03517

Низкий

6.4 Medium

CVSS2

CVE-2015-2304

Описание

Пакет libarchive

Ссылки на источники

Связанные уязвимости