CVE-2010-0012

HIGH8.8EPSS 0.30%

transmission - directory traversal

Published: 1/8/2010Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-0012

Description

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file.

Affected packages (2)

Debian/transmissionfrom 0, < 1.77-1
Debian/transmissionfrom 0, < 1.22-1+lenny2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0012