Описание
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 2.15+dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | see notes |
| esm-infra/bionic | not-affected | see notes |
| esm-infra/focal | released | 2.13+dfsg-2ubuntu0.4 |
| esm-infra/xenial | not-affected | see notes |
| focal | released | 2.13+dfsg-2ubuntu0.4 |
| jammy | released | 2.13+dfsg-7ubuntu0.1 |
| lunar | ignored | end of life, was needed |
| mantic | released | 2.13+dfsg-7.1ubuntu0.1 |
Показывать по
EPSS
4.9 Medium
CVSS3
Связанные уязвимости
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.
Debian's cpio contains a path traversal vulnerability. This issue was ...
EPSS
4.9 Medium
CVSS3