Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 2026/05/22 1:16 p.m.5 views

CLSA-2026-1777538340 Update of cpio

Fix integer overflow in dstring.c dsfgetstr that triggers an out-of-bounds heap write...

5.9AI score
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в cpio

In GNU Cpio from version 2.13 onwards, attackers can execute arbitrary code by using a crafted pattern file. This occurs due to a dstring.c dsfgetstr integer overflow, which triggers an out-of-bounds heap write. NOTE: It is unclear whether there are common cases where the pattern file, associated...

7.8CVSS7.1AI score0.26333EPSS
Exploits1References2
OSV
OSVadded 2024/04/09 2:21 p.m.2 views

CLSA-2024-1712672449 Update of cpio

Fix integer overflow in dstring.c dsfgetstr that triggers an out-of-bounds heap write...

5.9AI score
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 3:38 a.m.1 views

SUSE CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

8.8CVSS9.5AI score0.26333EPSS
Exploits1References92
Tenable Nessus
Tenable Nessusadded 2022/05/11 12:0 a.m.29 views

RHEL 8 : cpio (RHSA-2022:1991)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1991 advisory. The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio...

7.8CVSS7AI score0.26333EPSS
Exploits1References6
RedHat Linux
RedHat Linuxadded 2022/05/10 2:9 p.m.2 views

cpio: integer overflow in ds_fgetstr() in dstring.c can lead to an out-of-bounds write via a crafted pattern file

A flaw was found in cpio. An integer overflow that triggers an out-of-bounds heap write can allow an attacker to execute arbitrary code via a crafted pattern file. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8CVSS7.7AI score0.26333EPSS
Exploits1References4
Microsoft CVE
Microsoft CVEadded 2021/08/17 7:0 a.m.2 views

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file associated with the -E option is untrusted data.

...

7.8CVSS7.7AI score0.26333EPSS
Exploits1
OSV
OSVadded 2021/08/08 12:15 a.m.1 views

AZL-6357 CVE-2021-38185 affecting package cpio for versions less than 2.13-4

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

7.8CVSS7.7AI score0.26333EPSS
Exploits1References1
OSV
OSVadded 2021/08/08 12:15 a.m.1 views

UBUNTU-CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

7.8CVSS7.2AI score0.26333EPSS
Exploits1References8
Rows per page
Query Builder