Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2047-1
HistoryMay 17, 2010 - 12:00 a.m.

aria2 - directory traversal

2010-05-1700:00:00
Google
osv.dev
6

0.007 Low

EPSS

Percentile

79.9%

JSON

A vulnerability was discovered in aria2, a download client. The “name”
attribute of the “file” element of metalink files is not properly
sanitised before using it to download files. If a user is tricked into
downloading from a specially crafted metalink file, this can be
exploited to download files to directories outside of the intended
download directory.

For the stable distribution (lenny), this problem has been fixed in
version 0.14.0-1+lenny2.

For the unstable distribution (sid), this problem has been fixed in
version 1.9.3-1.

We recommend that you upgrade your aria2 package.

CPENameOperatorVersion
aria2eq0.14.0-1
aria2eq0.14.0-1+lenny1

Related

nessus 8
openvas 14
fedora 3
ubuntucve 1
securityvulns 2
debian 1
debiancve 1
cve 1
gentoo 1
prion 1
nvd 1
cvelist 1
nessus
nessus
Fedora 13 : aria2-1.9.3-1.fc13 (2010-8905)
2010-07-01 00:00:00
Fedora 12 : aria2-1.9.3-1.fc12 (2010-8908)
2010-07-01 00:00:00
Mandriva Linux Security Advisory : aria2 (MDVSA-2010:106)
2010-05-25 00:00:00
openvas
openvas
Mandriva Update for aria2 MDVSA-2010:106 (aria2)
2010-05-28 00:00:00
Fedora Update for aria2 FEDORA-2010-8908
2010-05-28 00:00:00
Mandriva Update for aria2 MDVSA-2010:106 (aria2)
2010-05-28 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: aria2-1.9.3-1.fc12
2010-05-22 01:52:33
[SECURITY] Fedora 11 Update: aria2-1.9.3-1.fc11
2010-05-22 01:53:23
[SECURITY] Fedora 13 Update: aria2-1.9.3-1.fc13
2010-05-22 01:52:23
ubuntucve
ubuntucve
CVE-2010-1512
2010-05-17 00:00:00
securityvulns
securityvulns
Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability
2010-05-17 00:00:00
aria2 directory traversal
2010-05-17 00:00:00
debian
debian
[SECURITY] [DSA 2047-1] New aria2 packages fix directory traversal
2010-05-17 18:28:36
debiancve
debiancve
CVE-2010-1512
2010-05-17 21:00:01
cve
cve
CVE-2010-1512
2010-05-17 21:00:01
gentoo
gentoo
aria2: Directory traversal
2011-01-15 00:00:00
prion
prion
Directory traversal
2010-05-17 21:00:00
nvd
nvd
CVE-2010-1512
2010-05-17 21:00:01
cvelist
cvelist
CVE-2010-1512
2010-05-17 20:42:00

0.007 Low

EPSS

Percentile

79.9%

JSON
Related for OSV:DSA-2047-1
nessus8openvas14fedora3ubuntucve1securityvulns2debian1debiancve1cve1gentoo1prion1nvd1cvelist1