Логотип exploitDog
bind:"CVE-2021-40153" OR bind:"CVE-2021-41072"
Консоль
Логотип exploitDog

exploitDog

bind:"CVE-2021-40153" OR bind:"CVE-2021-41072"

Количество 19

Количество 19

rocky логотип

RLSA-2024:3139

около 1 года назад

Moderate: squashfs-tools security update

EPSS: Низкий
oracle-oval логотип

ELSA-2024-3139

около 1 года назад

ELSA-2024-3139: squashfs-tools security update (MODERATE)

EPSS: Низкий
oracle-oval логотип

ELSA-2024-2396

больше 1 года назад

ELSA-2024-2396: squashfs-tools security update (MODERATE)

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:4591-1

больше 1 года назад

Security update for squashfs

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:4424-1

почти 2 года назад

Security update for squashfs

EPSS: Низкий
ubuntu логотип

CVE-2021-41072

почти 4 года назад

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
EPSS: Низкий
redhat логотип

CVE-2021-41072

почти 4 года назад

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
EPSS: Низкий
nvd логотип

CVE-2021-41072

почти 4 года назад

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
EPSS: Низкий
msrc логотип

CVE-2021-41072

больше 3 лет назад

CVSS3: 8.1
EPSS: Низкий
debian логотип

CVE-2021-41072

почти 4 года назад

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Director ...

CVSS3: 8.1
EPSS: Низкий
ubuntu логотип

CVE-2021-40153

почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
EPSS: Низкий
redhat логотип

CVE-2021-40153

почти 6 лет назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
EPSS: Низкий
nvd логотип

CVE-2021-40153

почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
EPSS: Низкий
msrc логотип

CVE-2021-40153

больше 3 лет назад

CVSS3: 8.1
EPSS: Низкий
debian логотип

CVE-2021-40153

почти 4 года назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the file ...

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-f6m6-9fjw-69qm

около 3 лет назад

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-98f5-57cr-27p7

около 3 лет назад

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
EPSS: Низкий
fstec логотип

BDU:2021-06307

почти 6 лет назад

Уязвимость функции squashfs_opendir компонента unsquash-2.c набора инструментов для создания и извлечения файловых систем Squashfs Squashfs-Tools, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

CVSS3: 8.1
EPSS: Низкий
fstec логотип

BDU:2021-05217

почти 6 лет назад

Уязвимость функции squashfs_opendir компонента unsquash-1.c набора инструментов для создания и извлечения файловых систем Squashfs Squashfs-Tools, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

CVSS3: 8.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
rocky логотип
RLSA-2024:3139

Moderate: squashfs-tools security update

около 1 года назад
oracle-oval логотип
ELSA-2024-3139

ELSA-2024-3139: squashfs-tools security update (MODERATE)

около 1 года назад
oracle-oval логотип
ELSA-2024-2396

ELSA-2024-2396: squashfs-tools security update (MODERATE)

больше 1 года назад
suse-cvrf логотип
SUSE-SU-2023:4591-1

Security update for squashfs

больше 1 года назад
suse-cvrf логотип
SUSE-SU-2023:4424-1

Security update for squashfs

почти 2 года назад
ubuntu логотип
CVE-2021-41072

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
4%
Низкий
почти 4 года назад
redhat логотип
CVE-2021-41072

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
4%
Низкий
почти 4 года назад
nvd логотип
CVE-2021-41072

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
4%
Низкий
почти 4 года назад
msrc логотип
CVSS3: 8.1
4%
Низкий
больше 3 лет назад
debian логотип
CVE-2021-41072

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Director ...

CVSS3: 8.1
4%
Низкий
почти 4 года назад
ubuntu логотип
CVE-2021-40153

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
0%
Низкий
почти 4 года назад
redhat логотип
CVE-2021-40153

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
0%
Низкий
почти 6 лет назад
nvd логотип
CVE-2021-40153

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
0%
Низкий
почти 4 года назад
msrc логотип
CVSS3: 8.1
0%
Низкий
больше 3 лет назад
debian логотип
CVE-2021-40153

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the file ...

CVSS3: 8.1
0%
Низкий
почти 4 года назад
github логотип
GHSA-f6m6-9fjw-69qm

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

CVSS3: 8.1
4%
Низкий
около 3 лет назад
github логотип
GHSA-98f5-57cr-27p7

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

CVSS3: 8.1
0%
Низкий
около 3 лет назад
fstec логотип
BDU:2021-06307

Уязвимость функции squashfs_opendir компонента unsquash-2.c набора инструментов для создания и извлечения файловых систем Squashfs Squashfs-Tools, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

CVSS3: 8.1
4%
Низкий
почти 6 лет назад
fstec логотип
BDU:2021-05217

Уязвимость функции squashfs_opendir компонента unsquash-1.c набора инструментов для создания и извлечения файловых систем Squashfs Squashfs-Tools, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

CVSS3: 8.1
0%
Низкий
почти 6 лет назад

Уязвимостей на страницу