Опубликовано: 17 июл. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5
Описание
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 0.4.1-1 |
| cosmic | not-affected | 0.4.1-1 |
| devel | not-affected | 0.4.1-1 |
| esm-apps/bionic | not-affected | 0.4.1-1 |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 0.4.1-1 |
Показывать по
10
EPSS
Процентиль: 42%
0.00198
Низкий
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 8 лет назад
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries
CVSS3: 7.5
debian
больше 8 лет назад
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable ...
EPSS
Процентиль: 42%
0.00198
Низкий
5 Medium
CVSS2
7.5 High
CVSS3