2 matches found
CVE-2015-1191
CVE-2015-1191 affects pigz 2.3.1, where a flaw in pigz.c enables directory traversal via crafted archives (either a full pathname or .. in the archive). This could allow remote attackers to write to arbitrary files or view arbitrary files on the system, as described in multiple advisories and ven...
CVE-2013-0296
CVE-2013-0296 : The race condition affects pigz, prior to version 2.2.5, where permissions derived from the process umask may be applied during compression before aligning the file’s permissions with the source. This can allow local users to bypass intended access controls while compression is in...