Lucene search
K

59 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 8 : cpio-2.12-11.el8.ML.1 (AXSA:2022-3303:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3303:02 advisory. Update the version to 2.12-11.el8.ML.1. Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

7.8CVSS8.4AI score0.0415EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: cpio (TSSA-2022:0199)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0199 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 6 : cpio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: improper input validation when writing tar header fields leads to unexpected tar generation...

7.9AI score0.05484EPSS
Exploits7References5
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.25 views

CentOS 9 : cpio-2.13-16.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the cpio-2.13-16.el9 build changelog. - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.26 views

NewStart CGSL MAIN 6.06 : cpio Vulnerability (NS-SA-2023-0088)

The remote NewStart CGSL host, running version MAIN 6.06, has cpio packages installed that are affected by a vulnerability: - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-boun...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.29 views

Rocky Linux 8 : cpio (RLSA-2022:1991)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1991 advisory. - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References3
OSV
OSV
added 2023/08/31 12:14 p.m.1 views

BELL-CVE-2021-38185 CVE-2021-38185 does not affect BellSoft software

Bulletin has no description...

7.8CVSS5.8AI score0.0415EPSS
Exploits1References1
Debian
Debian
added 2023/06/04 8:12 p.m.26 views

[SECURITY] [DLA 3445-1] cpio security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3445-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 04, 2023 https://wiki.debian.org/LTS -...

7.8CVSS8.4AI score0.0415EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.57 views

Amazon Linux 2 : cpio (ALAS-2023-1972)

The version of cpio installed on the remote host is prior to 2.12-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1972 advisory. GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.6 views

SUSE CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

8.8CVSS9.5AI score0.0415EPSS
Exploits1References92
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2023-1248)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.0415EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.35 views

EulerOS Virtualization 3.0.2.2 : cpio (EulerOS-SA-2023-1248)

According to the versions of the cpio package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr intege...

7.8CVSS7.5AI score0.0415EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/25 3:2 p.m.46 views

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID:CVE-2021-38185 DESCRIPTION: GNU cpio could allow a remote attacker to execute arbitrary code on the system, caused by an integer...

7.8CVSS8.2AI score0.04683EPSS
Exploits2Affected Software1
CBLMariner
CBLMariner
added 2022/06/03 5:54 p.m.13 views

CVE-2021-38185 affecting package cpio for versions less than 2.13-4

CVE-2021-38185 affecting package cpio for versions less than 2.13-4. A patched version of the package is available...

7.8CVSS8AI score0.0415EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.33 views

Oracle Linux 8 : cpio (ELSA-2022-1991)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-1991 advisory. 2.12-11 - Fixed CVE-2021-38185 1992511 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

7.8CVSS6.9AI score0.0415EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.50 views

cpio security update

2.12-11 - Fixed CVE-2021-38185 1992511...

7.8CVSS1.8AI score0.0415EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.30 views

RHEL 8 : cpio (RHSA-2022:1991)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1991 advisory. The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio...

7.8CVSS7AI score0.0415EPSS
Exploits1References6
Rockylinux
Rockylinux
added 2022/05/10 6:43 a.m.29 views

cpio security update

An update is available for cpio. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cpio packages provide the GNU cpio utility for creating and extracting...

7.8CVSS7.9AI score0.0415EPSS
Exploits1
OSV
OSV
added 2022/05/10 6:43 a.m.24 views

RLSA-2022:1991 Moderate: cpio security update

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio: integer overflow in dsfgetstr in dstring.c can lead to an out-of-bounds write via a crafted pattern file CVE-2021-38185 For more details about the...

7CVSS8AI score0.0415EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.32 views

CentOS 8 : cpio (CESA-2022:1991)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2022:1991 advisory. - cpio: integer overflow in dsfgetstr in dstring.c can lead to an out-of-bounds write via a crafted pattern file CVE-2021-38185 Note that Nessus has not tested...

7.8CVSS7AI score0.0415EPSS
Exploits1References2
Rows per page
Query Builder