MiracleLinux 8 : cpio-2.12-10.el8 (AXSA:2021-1794:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1794:01 advisory. cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 Tenable has extracted the preceding...

Siemens Ruggedcom ROX Improper Input Validation (CVE-2019-14866)

In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have...

RHEL 6 : cpio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: improper input validation when writing tar header fields leads to unexpected tar generation...

Rocky Linux 8 : cpio (RLSA-2021:1582)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1582 advisory. - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...

[SECURITY] [DLA 3445-1] cpio security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3445-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 04, 2023 https://wiki.debian.org/LTS -...

NewStart CGSL MAIN 6.02 : cpio Vulnerability (NS-SA-2022-0059)

The remote NewStart CGSL host, running version MAIN 6.02, has cpio packages installed that are affected by a vulnerability: - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker ca...

AlmaLinux 8 : cpio (ALSA-2021:1582)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:1582 advisory. - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...

Moderate: Red Hat Security Advisory: cpio security update

An update for cpio is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

NewStart CGSL CORE 5.05 / MAIN 5.05 : cpio Vulnerability (NS-SA-2021-0169)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cpio packages installed that are affected by a vulnerability: - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...

Moderate: Red Hat Security Advisory: cpio security update

An update for cpio is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Moderate: cpio security update

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 For more details about the security...

RLSA-2021:1582 Moderate: cpio security update

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 For more details about the security...

SUSE: Security Advisory (SUSE-SU-2019:3064-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: cpio

Issue Overview: It was discovered cpio does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have...

Amazon Linux 2 : cpio (ALAS-2020-1505)

The version of cpio installed on the remote host is prior to 2.11-28. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1505 advisory. It was discovered cpio does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives...

EulerOS Virtualization 3.0.2.2 : cpio (EulerOS-SA-2020-2216)

According to the version of the cpio package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in...

Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2020-2216)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : cpio on SL7.x x86_64 (20201001)

Security Fixes : - cpio: improper input validation when writing tar header fields leads to unexpect tar generation CVE-2019-14866 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141753; scriptversion"1.3";...

Oracle Linux 7 : cpio (ELSA-2020-3908)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-3908 advisory. 2.11-28 - Improper input validation when writing tar header fields 1766222 Tenable has extracted the preceding description block directly from the Oracle Linux...

Moderate: Red Hat Security Advisory: cpio security update

An update for cpio is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...