Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.5 views

Astra Linux – Vulnerability in squashfs-tools

The squashfsopendir function in unsquash-2.c within Squashfs-Tools 4.5 enables Directory Traversal, another vulnerability distinct from CVE-2021-40153. A squashfs filesystem that includes a symbolic link, along with files under the same filename, can cause unsquashfs to first create the symbolic...

8.1CVSS6.7AI score0.02136EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2024/05/22 12:0 a.m.36 views

CentOS 8 : squashfs-tools (CESA-2024:3139)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:3139 advisory. - squashfsopendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new...

8.1CVSS6.5AI score0.025EPSS
Exploits2References3
Microsoft CVE
Microsoft CVEadded 2022/01/20 8:0 a.m.5 views

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

...

8.1CVSS6.7AI score0.025EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2019/09/30 12:0 a.m.21 views

EulerOS 2.0 SP8 : squashfs-tools (EulerOS-SA-2019-2092)

According to the versions of the squashfs-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial o...

7.5CVSS7AI score0.0691EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2019/09/17 12:0 a.m.26 views

EulerOS 2.0 SP2 : squashfs-tools (EulerOS-SA-2019-1871)

According to the versions of the squashfs-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial o...

7.5CVSS7AI score0.0691EPSS
Exploits0References3
NVD
NVDadded 2017/04/13 5:59 p.m.17 views

CVE-2015-4646

1 unsquash-1.c, 2 unsquash-2.c, 3 unsquash-3.c, and 4 unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service application crash via a crafted input...

7.5CVSS7.2AI score0.0691EPSS
Exploits0References4
Rows per page
Query Builder