Lucene search
K

9 matches found

Amazon
Amazon
added 2024/03/06 12:0 a.m.5 views

Important: engrampa

Issue Overview: Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution RCE on the target. While handling CPIO archives, the Engrampa Archive manager follows symlin...

9.6CVSS7.1AI score0.01652EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.25 views

Amazon Linux 2 : engrampa (ALASMATE-DESKTOP1.X-2024-008)

The version of engrampa installed on the remote host is prior to 1.24.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2024-008 advisory. Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal...

9.6CVSS8.4AI score0.01652EPSS
Exploits1References4
Debian
Debian
added 2024/02/26 6:39 p.m.22 views

[SECURITY] [DLA 3741-1] engrampa security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3741-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz February 26, 2024 https://wiki.debian.org/LTS -...

9.6CVSS9.3AI score0.01652EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.29 views

Debian dla-3741 : engrampa - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3741 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3741-1 [email protected] https://www.debian.org/lts/security/...

9.6CVSS8AI score0.01652EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/02/17 12:0 a.m.14 views

Debian dsa-5625 : engrampa - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5625 advisory. - Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full...

9.6CVSS8.4AI score0.01652EPSS
Exploits1References5
Debian
Debian
added 2024/02/16 7:31 p.m.18 views

[SECURITY] [DSA 5625-1] engrampa security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5625-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 16, 2024 https://www.debian.org/security/faq -...

9.6CVSS9AI score0.01652EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/02/15 12:0 a.m.12 views

Fedora: Security Advisory (FEDORA-2024-23085d548c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS8.9AI score0.01652EPSS
Exploits1References3
CVE
CVE
added 2024/02/05 2:51 p.m.81 views

CVE-2023-52138

Summary: CVE-2023-52138 affects Engrampa (MATE archive manager). The vulnerability arises in handling of CPIO archives where symlinks are followed and the archiver does not validate symlink targets, enabling a path traversal that can lead to arbitrary file writes and full Remote Command Execution...

9.6CVSS8.9AI score0.01652EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/05 2:51 p.m.2 views

CVE-2023-52138 Path traversal via crafted cpio archives in Engrampa archivers

Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution RCE on the target. While handling CPIO archives, the Engrampa Archive manager follows symlink, cpio by defau...

8.2CVSS8.9AI score0.01652EPSS
Exploits1References4
Rows per page
Query Builder