Lucene search

PRIOn knowledge basePRION:CVE-2010-2197

HistoryJun 08, 2010 - 6:30 p.m.

Design/Logic Flaw

2010-06-0818:30:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.1%

JSON

rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag.

CPENameOperatorVersion
rpmeq2.3.5
rpmeq4.4.2.1
rpmeq1.4.3
rpmeq3.0.1
rpmeq4.1
rpmeq2.2.3.11
rpmeq2.4.4
rpmeq2.3.8
rpmeq2.0.6
rpmeq1.4.4

Name	Operator	Version
rpm	eq	2.3.5
rpm	eq	4.4.2.1
rpm	eq	1.4.3
rpm	eq	3.0.1
rpm	eq	4.1
rpm	eq	2.2.3.11
rpm	eq	2.4.4
rpm	eq	2.3.8
rpm	eq	2.0.6
rpm	eq	1.4.4

Rows per page:

1-10 of 931

References

bugzilla.redhat.com/show_bug.cgi?id=125517

exchange.xforce.ibmcloud.com/vulnerabilities/59423