Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-7216HistoryFeb 05, 2024 - 3:15 p.m.
CVE-2023-7216
2024-02-0515:15:08
Debian Security Bug Tracker
security-tracker.debian.org
17
cve-2023-7216
path traversal
cpio
utility
remote attack
symlinks
arbitrary commands
unix
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which could be utilized to run arbitrary commands on the target system.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cpio | <= 2.13+dfsg-7.1 | cpio_2.13+dfsg-7.1_all.deb |
| Debian | 11 | all | cpio | <= 2.13+dfsg-7.1~deb11u1 | cpio_2.13+dfsg-7.1~deb11u1_all.deb |
| Debian | 10 | all | cpio | <= 2.12+dfsg-9 | cpio_2.12+dfsg-9_all.deb |
| Debian | 999 | all | cpio | <= 2.15+dfsg-1 | cpio_2.15+dfsg-1_all.deb |
| Debian | 13 | all | cpio | <= 2.15+dfsg-1 | cpio_2.15+dfsg-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2023-7216
2024-02-05 00:00:00
cvelist
cvelist
f5
f5
K000139570: UNIX CPIO vulnerability CVE-2023-7216
2024-05-10 00:00:00
cve
cve
CVE-2023-7216
2024-02-05 15:15:08
nvd
nvd
CVE-2023-7216
2024-02-05 15:15:08
prion
prion
Path traversal
2024-02-05 15:15:00
redhatcve
redhatcve
CVE-2023-7216
2024-02-05 15:11:57
nessus
nessus
RHEL 6 : cpio (Unpatched Vulnerability)
2024-05-11 00:00:00