Описание
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 3.5.2-1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needed | |
| esm-infra/focal | not-affected | 3.4.0-2ubuntu1.1 |
| esm-infra/xenial | needs-triage | |
| focal | released | 3.4.0-2ubuntu1.1 |
| hirsute | ignored | end of life |
| impish | released | 3.4.3-2ubuntu0.1 |
| jammy | not-affected | 3.5.2-1 |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
An improper link resolution flaw can occur while extracting an archive ...
EPSS
7.8 High
CVSS3