Lucene search
Alpine Linux Development TeamALPINE:CVE-2015-1197HistoryFeb 19, 2015 - 3:59 p.m.
CVE-2015-1197
2015-02-1915:59:12
Alpine Linux Development Team
security.alpinelinux.org
31
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.9%
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.11-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.12-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.14-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | cpio | < 2.13-r0 | UNKNOWN |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2023-3237)
2023-12-12 00:00:00
Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2023-3491)
2023-12-22 00:00:00
Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2023-3202)
2023-11-10 00:00:00
nessus
nessus
Amazon Linux AMI : cpio (ALAS-2024-1925)
2024-03-05 00:00:00
EulerOS 2.0 SP11 : cpio (EulerOS-SA-2023-3237)
2024-01-16 00:00:00
EulerOS Virtualization 2.11.0 : cpio (EulerOS-SA-2024-1425)
2024-03-21 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:066 ] cpio
2015-04-20 00:00:00
libarchive directory traversal
2015-04-20 00:00:00
ubuntucve
ubuntucve
CVE-2015-1197
2015-02-19 00:00:00
CVE-2023-7207
2024-02-29 00:00:00
cve
cve
nvd
nvd
cvelist
cvelist
CVE-2015-1197
2015-02-19 00:00:00
CVE-2023-7207
2024-01-05 00:39:49
amazon
amazon
Important: cpio
2024-02-28 23:54:00
Important: cpio
2024-02-29 10:03:00
prion
prion
Code injection
2015-02-19 15:59:00
Path traversal
2024-02-29 01:42:00
debiancve
debiancve
CVE-2015-1197
2015-02-19 15:59:12
CVE-2023-7207
2024-02-29 01:42:59
archlinux
archlinux
cpio: directory traversal
2015-03-23 00:00:00
redhatcve
redhatcve
CVE-2023-7207
2024-02-29 08:04:56
CVE-2017-7516
2018-01-29 12:50:11
securelist
securelist
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
2022-10-13 08:00:21
freebsd
freebsd
cpio -- multiple vulnerabilities
2015-03-27 00:00:00
GNU cpio -- multiple vulnerabilities
2019-11-06 00:00:00
thn
thn
mageia
mageia
Updated cpio packages fix security vulnerabilities
2019-11-14 19:58:51
Updated cpio package fixes security vulnerability
2015-02-19 17:43:07
zdt
zdt
Zimbra Collaboration Suite TAR Path Traversal Exploit
2022-10-21 00:00:00
packetstorm
packetstorm
Zimbra Collaboration Suite TAR Path Traversal
2022-10-20 00:00:00
ubuntu
ubuntu
GNU cpio vulnerabilities
2016-02-22 00:00:00
metasploit
metasploit
TAR Path Traversal in Zimbra (CVE-2022-41352)
2022-10-06 17:23:53
gentoo
gentoo
GNU cpio: Multiple vulnerabilities
2015-02-15 00:00:00
attackerkb
attackerkb
CVE-2022-41352
2022-09-26 00:00:00
rapid7blog
rapid7blog
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.9%
Related for ALPINE:CVE-2015-1197