Количество 18
Количество 18
CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file associated with the -E option is untrusted data.
CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a ...
openSUSE-SU-2021:2689-1
Security update for cpio
SUSE-SU-2021:2808-1
Security update for cpio
SUSE-SU-2021:2686-1
Security update for cpio
SUSE-SU-2021:14788-1
Security update for cpio
SUSE-SU-2021:14777-1
Security update for cpio
SUSE-RU-2021:2780-1
Recommended update for cpio
SUSE-RU-2021:2779-1
Recommended update for cpio
RLSA-2022:1991
Moderate: cpio security update
GHSA-pp74-ghrg-jwfh
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.
ELSA-2022-1991
ELSA-2022-1991: cpio security update (MODERATE)
BDU:2021-05090
Уязвимость компонента dstring.c пакета cpio операционной системы Debian GNU/Linux, позволяющая нарушителю выполнить произвольный код через созданный файл
ROS-20240730-15
Уязвимость automake
ROS-20240730-03
Уязвимость cpio
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-38185 GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | CVSS3: 7.8 | 27% Средний | больше 4 лет назад |
 | CVE-2021-38185 GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | CVSS3: 7 | 27% Средний | больше 4 лет назад |
 | CVE-2021-38185 GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | CVSS3: 7.8 | 27% Средний | больше 4 лет назад |
 | CVE-2021-38185 GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file associated with the -E option is untrusted data. | CVSS3: 7.8 | 27% Средний | больше 4 лет назад |
| CVE-2021-38185 GNU cpio through 2.13 allows attackers to execute arbitrary code via a ... | CVSS3: 7.8 | 27% Средний | больше 4 лет назад |
 | openSUSE-SU-2021:2689-1 Security update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-SU-2021:2808-1 Security update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-SU-2021:2686-1 Security update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-SU-2021:14788-1 Security update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-SU-2021:14777-1 Security update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-RU-2021:2780-1 Recommended update for cpio | 27% Средний | больше 4 лет назад | |
| SUSE-RU-2021:2779-1 Recommended update for cpio | 27% Средний | больше 4 лет назад | |
 | RLSA-2022:1991 Moderate: cpio security update | 27% Средний | больше 3 лет назад | |
| GHSA-pp74-ghrg-jwfh GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. | CVSS3: 7.8 | 27% Средний | больше 3 лет назад |
| ELSA-2022-1991 ELSA-2022-1991: cpio security update (MODERATE) | больше 3 лет назад | ||
 | BDU:2021-05090 Уязвимость компонента dstring.c пакета cpio операционной системы Debian GNU/Linux, позволяющая нарушителю выполнить произвольный код через созданный файл | CVSS3: 7.3 | 27% Средний | больше 4 лет назад |
 | ROS-20240730-15 Уязвимость automake | CVSS3: 7.3 | 27% Средний | больше 1 года назад |
| ROS-20240730-03 Уязвимость cpio | CVSS3: 7.3 | 27% Средний | больше 1 года назад |
Уязвимостей на страницу