Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Split function. An attacker can cause excessive CPU consumption and resource exhaustion by supplying a malicious APK stream that triggers unbounded gzip inflation. Remediation...

MiracleLinux 8 : cpio-2.12-10.el8 (AXSA:2021-1794:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1794:01 advisory. cpio: improper input validation when writing tar header fields leads to unexpected tar generation CVE-2019-14866 Tenable has extracted the preceding...

MiracleLinux 8 : cpio-2.12-11.el8.ML.1 (AXSA:2022-3303:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3303:02 advisory. Update the version to 2.12-11.el8.ML.1. Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 3 : cpio-2.6-23.AXS3.1 (AXSA:2010-146:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2010-146:01 advisory. GNU cpio copies files into or out of a cpio or tar archive. Archives are files which contain a collection of other files plus information about them,...

EUVD-2024-1250

Malicious code in bioql PyPI...

Photon OS 4.0: Cpio PHSA-2025-4.0-0869

An update of the cpio package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0869. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Moderate Photon OS Security Update - PHSA-2025-4.0-0869

Updates of 'cpio' packages of Photon OS have been released...

Photon OS 5.0: Cpio PHSA-2025-5.0-0537

An update of the cpio package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0537. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Important Photon OS Security Update - PHSA-2025-5.0-0537

Updates of 'apache-tomcat10', 'cpio', 'wireshark', 'apache-tomcat9', 'kafka' packages of Photon OS have been released...

Photon OS 5.0: Cpio PHSA-2024-5.0-0427

An update of the cpio package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0427. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ROS-20240730-15

A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...

ROS-20240730-03

A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...

RHEL 6 : cpio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: directory traversal through symlinks CVE-2015-1197 - cpio: out of bounds write CVE-2016-2037 -...

SUSE: Security Advisory (SUSE-SU-2024:0305-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : cpio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: integer overflow in dsfgetstr in dstring.c can lead to an out-of-bounds write via a crafted pattern...

EulerOS Virtualization 2.11.0 : cpio (EulerOS-SA-2024-1425)

According to the versions of the cpio package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a...

EulerOS 2.0 SP10 : cpio (EulerOS-SA-2023-3167)

According to the versions of the cpio package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an...

Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2023-3265)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VulnCheck KEV: CVE-2022-41352

Synacor Zimbra Collaboration Suite ZCS allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts...

Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

Synacor Zimbra Collaboration Suite ZCS allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts...