CVE-2015-2304

EPSS 3.0%

libarchive - security update

發布日:2015/3/15修改日:2026/4/28

描述

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.

受影響套件(3)

Debian/libarchivefrom 0, < 3.1.2-11
Debian/libarchivefrom 0, < 2.8.4.forreal-1+squeeze3
Debian/libarchivefrom 0, < 3.0.4-3+wheezy1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-2304