CVE-2014-1833
EPSS 0.65%
Description
Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.
How to fix CVE-2014-1833
To remediate CVE-2014-1833, upgrade the affected package to a fixed version below.
- Debian/devscripts—upgrade to 2.14.8 or later
Is CVE-2014-1833 being exploited?
Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.14.8