Количество 14
Количество 14
BDU:2020-01329
Уязвимость утилиты архивирования Сpio, связанная с ошибками при проверке заголовка TAR-файла, позволяющая нарушителю повысить свои привилегии
ROS-20250825-01
Уязвимость cpio
CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input f ...
openSUSE-SU-2019:2596-1
Security update for cpio
openSUSE-SU-2019:2593-1
Security update for cpio
SUSE-SU-2019:3064-1
Security update for cpio
SUSE-SU-2019:3059-1
Security update for cpio
RLSA-2021:1582
Moderate: cpio security update
GHSA-g3pr-277r-xcx7
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.
ELSA-2021-1582
ELSA-2021-1582: cpio security update (MODERATE)
ELSA-2020-3908
ELSA-2020-3908: cpio security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2020-01329 Уязвимость утилиты архивирования Сpio, связанная с ошибками при проверке заголовка TAR-файла, позволяющая нарушителю повысить свои привилегии | CVSS3: 6.7 | 0% Низкий | почти 6 лет назад |
 | ROS-20250825-01 Уязвимость cpio | CVSS3: 6.7 | 0% Низкий | 4 месяца назад |
 | CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. | CVSS3: 7.3 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. | CVSS3: 6.7 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. | CVSS3: 7.3 | 0% Низкий | почти 6 лет назад |
| CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input f ... | CVSS3: 7.3 | 0% Низкий | почти 6 лет назад |
 | openSUSE-SU-2019:2596-1 Security update for cpio | 0% Низкий | около 6 лет назад | |
| openSUSE-SU-2019:2593-1 Security update for cpio | 0% Низкий | около 6 лет назад | |
| SUSE-SU-2019:3064-1 Security update for cpio | 0% Низкий | около 6 лет назад | |
| SUSE-SU-2019:3059-1 Security update for cpio | 0% Низкий | около 6 лет назад | |
 | RLSA-2021:1582 Moderate: cpio security update | 0% Низкий | больше 4 лет назад | |
| GHSA-g3pr-277r-xcx7 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. | CVSS3: 7.3 | 0% Низкий | больше 3 лет назад |
| ELSA-2021-1582 ELSA-2021-1582: cpio security update (MODERATE) | больше 4 лет назад | ||
| ELSA-2020-3908 ELSA-2020-3908: cpio security update (MODERATE) | около 5 лет назад |
Уязвимостей на страницу