cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
References
Configurations
History
27 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Dec 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Oct 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2015-02-19 15:59
Updated : 2023-12-27 15:15
NVD link : CVE-2015-1197
Mitre link : CVE-2015-1197
CVE.ORG link : CVE-2015-1197
JSON object : View
Products Affected
gnu
- cpio
CWE