ALT-PU-2016-2059-1
Closed vulnerabilities
Published: 2015-01-21
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-1191
Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
Severity: MEDIUM (5.0)
References:
- openSUSE-SU-2016:0650
- openSUSE-SU-2016:0650
- openSUSE-SU-2016:0662
- openSUSE-SU-2016:0662
- [oss-security] 20150118 Re: CVE request: pigz, kgb, pax: directory traversal
- [oss-security] 20150118 Re: CVE request: pigz, kgb, pax: directory traversal
- 72109
- 72109
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774978
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774978
- https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f
- https://github.com/madler/pigz/commit/fdad1406b3ec809f4954ff7cdf9e99eb18c2458f