2 matches found
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dpkg (SUSE-SU-2022:4081-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4081-1 advisory. - CVE-2022-1664: Fixed a directory traversal vulnerability in Dpkg::Source::Archive bsc1199944. Tenable h...
CVE-2022-1664 directory traversal for in-place extracts with untrusted v2 and v3 source packages with debian.tar
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...