CVE-2015-1197

EPSS 3.3%

Published: 2/19/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-1197

Description

cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.

Affected packages (1)

Debian/cpiofrom 0, < 2.11+dfsg-4.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1197