ΠΠΏΡΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 30 ΠΈΡΠ». 2021
ΠΡΡΠΎΡΠ½ΠΈΠΊ: ubuntu
ΠΡΠΈΠΎΡΠΈΡΠ΅Ρ: medium
EPSS Π‘ΡΠ΅Π΄Π½ΠΈΠΉ
CVSS2: 3.6
CVSS3: 7.1
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | needed | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
10
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| bionic | released | 1:1.10.5+submodules+notgz-1ubuntu1.18.04.4 |
| devel | released | 1:1.10.12+submodules+notgz+20210212-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1:1.10.5+submodules+notgz-1ubuntu1.18.04.4 |
| esm-infra/focal | not-affected | 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 |
| esm-infra/xenial | released | 1:1.10.1+submodules+notgz-6ubuntu0.3+esm1 |
| focal | released | 1:1.10.9+submodules+notgz-1ubuntu0.20.04.3 |
| hirsute | released | 1:1.10.9+submodules+notgz-1.1ubuntu1.1 |
| impish | released | 1:1.10.12+submodules+notgz+20210212-1ubuntu1 |
| jammy | released | 1:1.10.12+submodules+notgz+20210212-1ubuntu1 |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
10
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 93%
0.11731
Π‘ΡΠ΅Π΄Π½ΠΈΠΉ
3.6 Low
CVSS2
7.1 High
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
CVSS3: 7.4
redhat
ΠΏΠΎΡΡΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
CVSS3: 7.1
nvd
ΠΏΠΎΡΡΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
CVSS3: 7.1
debian
ΠΏΠΎΡΡΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of ...
EPSS
ΠΡΠΎΡΠ΅Π½ΡΠΈΠ»Ρ: 93%
0.11731
Π‘ΡΠ΅Π΄Π½ΠΈΠΉ
3.6 Low
CVSS2
7.1 High
CVSS3