Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-30333

Опубликовано: 09 мая 2022
Источник: ubuntu
Приоритет: high
EPSS Критический
CVSS2: 5
CVSS3: 7.5

Описание

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

1.0.3-1
esm-apps/bionic

needed

esm-apps/focal

released

0.103.11-0ubuntu0.20.04.1
esm-apps/jammy

released

0.103.11-0ubuntu0.22.04.1
esm-apps/noble

not-affected

1.0.3-1
esm-apps/xenial

needed

focal

released

0.103.11-0ubuntu0.20.04.1
jammy

released

0.103.11-0ubuntu0.22.04.1
lunar

released

0.103.11-0ubuntu0.23.04.1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

released

2:6.23-1
esm-apps/bionic

needs-triage

esm-apps/focal

released

2:6.23-1~20.04.1
esm-apps/jammy

released

2:6.23-1~22.04.1
esm-apps/noble

released

2:6.23-1
esm-apps/xenial

needs-triage

focal

released

2:6.23-1~20.04.1
jammy

released

2:6.23-1~22.04.1
lunar

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

1:6.1.7-1
esm-apps/bionic

needed

esm-apps/focal

released

1:5.6.6-2ubuntu0.1
esm-apps/jammy

released

1:6.1.5-1ubuntu0.1
esm-apps/noble

not-affected

1:6.1.7-1
esm-apps/xenial

needs-triage

focal

released

1:5.6.6-2ubuntu0.1
impish

ignored

end of life
jammy

released

1:6.1.5-1ubuntu0.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%
0.90964
Критический

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-30333

CVSS3: 7.5
nvd
около 3 лет назад

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

debian логотип

CVE-2022-30333

CVSS3: 7.5
debian
около 3 лет назад

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal ...

suse-cvrf логотип

SUSE-SU-2022:1760-1

suse-cvrf
около 3 лет назад

Security update for unrar

github логотип

GHSA-h4mr-p94x-gf79

CVSS3: 7.5
github
около 3 лет назад

RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.

fstec логотип

BDU:2022-02992

CVSS3: 4.3
fstec
около 3 лет назад

Уязвимость средства разархивирования файлов UnRAR, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю перезаписать произвольные файлы

EPSS

Процентиль: 100%
0.90964
Критический

5 Medium

CVSS2

7.5 High

CVSS3