CVE-2012-2241
EPSS 0.56%
Description
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file, probably related to a NULL byte in a filename.
How to fix CVE-2012-2241
To remediate CVE-2012-2241, upgrade the affected package to a fixed version below.
- Debian/devscripts—upgrade to 2.12.3 or later
Is CVE-2012-2241 being exploited?
Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.12.3