82 matches found
Input validation
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
CVE-2022-1271 affects GNU gzip's zgrep: an attacker can cause arbitrary file writes by supplying crafted multi-line filenames. Two or more consecutive newlines in filenames lead to content and target file names being embedded in the same path, and insufficient validation enables remote, low-privi...
EulerOS 2.0 SP10 : xz (EulerOS-SA-2022-2174)
According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Communications Cloud Native Core Unified Data Repository product of Oracle Communications component: UDR GNU Gzip. The...
EulerOS 2.0 SP10 : gzip (EulerOS-SA-2022-2133)
According to the versions of the gzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Communications Cloud Native Core Unified Data Repository product of Oracle Communications component: UDR GNU Gzip. The...
EulerOS 2.0 SP9 : xz (EulerOS-SA-2022-1985)
According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a...
EulerOS 2.0 SP9 : xz (EulerOS-SA-2022-2015)
According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a...
EulerOS 2.0 SP9 : gzip (EulerOS-SA-2022-1998)
According to the versions of the gzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, ...
Huawei EulerOS: Security Advisory for xz (EulerOS-SA-2022-1985)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : xz (ALAS-2022-1598)
The version of xz installed on the remote host is prior to 5.2.2-1.14. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1598 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...
Important: gzip
Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...
Important: xz
Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...
gzip: arbitrary-file-write vulnerability
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
SUSE SLES15 Security Update : gzip (SUSE-SU-2022:1674-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1674-1 advisory. - CVE-2022-1271: Add hardening for zgrep. bsc1198062 Tenable has extracted the preceding description block directly from the SUSE security...
Important: gzip, xz
Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...
gzip: arbitrary-file-write vulnerability
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...