Lucene search
Veracode Vulnerability DatabaseVERACODE:38683HistoryDec 29, 2022 - 9:05 a.m.
Remote Code Execution (RCE)
2022-12-2909:05:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
66
vulnerability
binwalk
remote code execution
software
malicious code
system attack
file extraction
0.001 Low
EPSS
Percentile
50.0%
binwalk is vulnerable to remote code execution. A remote attacker is able to upload and execute malicious code on the system under attack via the affected file src/binwalk/modules/extractor.py of the component Archive Extraction Handler.
| CPE | Name | Operator | Version |
|---|---|---|---|
| binwalk:sid | eq | 2.2.0+dfsg1-1 | |
| binwalk:sid | eq | 2.2.0+dfsg1-1 |
Related
fedora
fedora
[SECURITY] Fedora 36 Update: binwalk-2.3.3-1.fc36
2023-01-05 01:21:27
[SECURITY] Fedora 37 Update: binwalk-2.3.3-1.fc37
2023-01-05 01:18:20
openvas
openvas
Fedora: Security Advisory for binwalk (FEDORA-2022-a36ba48049)
2023-01-09 00:00:00
Fedora: Security Advisory for binwalk (FEDORA-2022-3727f00e4b)
2023-01-09 00:00:00
cvelist
cvelist
CVE-2021-4287 ReFirm Labs binwalk Archive Extraction extractor.py symlink
2022-12-27 10:32:41
github
github
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
2022-12-27 12:30:19
cve
cve
CVE-2021-4287
2022-12-27 11:15:10
prion
prion
Design/Logic Flaw
2022-12-27 11:15:00
nessus
nessus
Fedora 36 : binwalk (2022-3727f00e4b)
2023-01-05 00:00:00
debiancve
debiancve
CVE-2021-4287
2022-12-27 11:15:10
nvd
nvd
CVE-2021-4287
2022-12-27 11:15:10
osv
osv
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
2022-12-27 12:30:19
CVE-2021-4287
2022-12-27 11:15:10
ubuntucve
ubuntucve
CVE-2021-4287
2022-12-27 00:00:00