Lucene search
K

21 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.19 views

Debian: Security Advisory (DLA-808-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.04742EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.4 views

SUSE CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS7.1AI score0.04742EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2021:0115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.04742EPSS
Exploits1References2
OSV
OSV
added 2018/08/21 5:7 p.m.9 views

GHSA-CWP3-834G-X79G Moderate severity vulnerability that affects archive-tar-minitar and minitar

Withdrawn, accidental duplicate publish. Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS7.5AI score0.04742EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2017/02/22 12:0 a.m.32 views

Ruby Archive::Tar::Minitar: Directory traversal

Background Archive::Tar::Minitar is a pure-Ruby library and command-line utility that provides the ability to deal with POSIX tar1 archive files. Description Michal Marek discovered that Ruby Archive::Tar::Minitar is vulnerable to a directory traversal vulnerability. Impact A remote attacker coul...

7.5CVSS7.5AI score0.04742EPSS
Exploits1
CNVD
CNVD
added 2017/02/08 12:0 a.m.11 views

RubyGems minitar and archive-tar-minitar local directory traversal vulnerability

minitar formerly archive-tar-minitar is a pure Ruby library and command-line utility for working with POSIX tar archives. A directory traversal vulnerability exists in versions prior to minitar 0.6 and archive-tar-minitar 0.5.2 gems. An attacker can exploit this vulnerability to write arbitrary...

7.5CVSS7AI score0.04742EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/02/03 12:0 a.m.25 views

Debian Security Advisory DSA 3778-1 (ruby-archive-tar-minitar - security update)

Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. dot do...

5CVSS0.4AI score0.04742EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/02/03 12:0 a.m.21 views

Debian: Security Advisory (DSA-3778-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04742EPSS
Exploits1References3
Prion
Prion
added 2017/02/01 3:59 p.m.11 views

Directory traversal

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

5CVSS7.1AI score0.04742EPSS
Exploits1References8Affected Software2
OSV
OSV
added 2017/02/01 3:59 p.m.3 views

UBUNTU-CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS5.9AI score0.04742EPSS
Exploits1References5
OSV
OSV
added 2017/02/01 3:59 p.m.1 views

DEBIAN-CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS7.1AI score0.04742EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/02/01 3:0 p.m.26 views

CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.4AI score0.04742EPSS
Exploits1References8
CVE
CVE
added 2017/02/01 3:0 p.m.116 views

CVE-2016-10173

CVE-2016-10173 is a directory traversal vulnerability in Ruby gems minitar (before 0.6) and archive-tar-minitar (before 0.5.2). The flaw allows a remote attacker to write arbitrary files by crafting a TAR archive entry containing a path with "..". Public references across NVD, CNVD, GitHub adviso...

7.5CVSS7.3AI score0.04742EPSS
Exploits1References8Affected Software2
Debian CVE
Debian CVE
added 2017/02/01 3:0 p.m.40 views

CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS7.5AI score0.04742EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/02/01 12:0 a.m.29 views

Debian DSA-3778-1 : ruby-archive-tar-minitar - security update

Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. dot do...

7.5CVSS7.4AI score0.04742EPSS
Exploits1References4
Debian
Debian
added 2017/01/31 8:6 p.m.16 views

[SECURITY] [DSA 3778-1] ruby-archive-tar-minitar security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3778-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 31, 2017 https://www.debian.org/security/faq -...

7.5CVSS7.4AI score0.04742EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2017/01/31 12:0 a.m.5 views

PT-2017-7783

Name of the Vulnerable Software and Affected Versions minitar versions prior to 0.6 archive-tar-minitar version 0.5.2 Description The issue allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry. This is a directory traversal vulnerability in the minitar and...

7.5CVSS7.3AI score0.04742EPSS
Exploits1References35
Tenable Nessus
Tenable Nessus
added 2017/01/31 12:0 a.m.49 views

Debian DLA-808-1 : ruby-archive-tar-minitar security update

It has been found that rubygem archive-tar-minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. For Debian 7 'Wheezy', these problems have been fixed in version 0.5.2-2+deb7u1. We recommend that you upgrade your...

7.5CVSS7.3AI score0.04742EPSS
Exploits1References3
OSV
OSV
added 2017/01/31 12:0 a.m.18 views

DSA-3778-1 ruby-archive-tar-minitar - security update

Bulletin has no description...

7.5CVSS7.3AI score0.04742EPSS
Exploits1
Debian
Debian
added 2017/01/30 9:10 p.m.26 views

[SECURITY] [DLA 808-1] ruby-archive-tar-minitar security update

Package : ruby-archive-tar-minitar Version : 0.5.2-2+deb7u1 CVE ID : CVE-2016-10173 Debian Bug : 853249 It has been found that rubygem archive-tar-minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. For Debian 7 "Wheezy", thes...

7.5CVSS7.7AI score0.04742EPSS
Exploits1
Rows per page
Query Builder