511 matches found
ALPINE-CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
Directory traversal
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
USN-5446-1: dpkg vulnerability
Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or...
CVE-2022-1664 directory traversal for in-place extracts with untrusted v2 and v3 source packages with debian.tar
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
CVE-2022-1664
CVE-2022-1664 affects dpkg: Dpkg::Source::Archive allows directory traversal during in-place extraction of untrusted v2/v3 source packages that include debian.tar. Affected versions are dpkg before 1.21.8, 1.20.10, 1.19.8, and 1.18.26. Mitigation: upgrade to a fixed dpkg version (e.g., 1.21.8 or ...
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
VulnCheck KEV: CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...
Debian: Security Advisory (DLA-3022-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5147-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dpkg 路径遍历漏洞
dpkg is a package management tool for Debian. A path traversal vulnerability exists in dpkg, which stems from a directory traversal issue. The following products and versions are affected: 1.21.8, 1.20.10, 1.19.8, 1.18.26...
Debian DSA-5147-1 : dpkg - security update
The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5147 advisory. - Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability...
Debian DLA-3022-1 : dpkg - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3022 advisory. Max Justicz reported a directory traversal vulnerability in Dpkg::Source::Archive in dpkg, the Debian package management system. This affects extracting untrusted source...
[SECURITY] [DLA 3022-1] dpkg security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3022-1 [email protected] https://www.debian.org/lts/security/ Salvatore Bonaccorso May 25, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5147-1] dpkg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5147-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 25, 2022 https://www.debian.org/security/faq -...
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
DSA-5147-1 dpkg - security update
Bulletin has no description...
DLA-3022-1 dpkg - security update
Bulletin has no description...