CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 0CVE-2002-0399
https://notcve.org/view.php?id=CVE-2002-0399
01 Oct 2002 — Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. Vulnerabilidad desconocida en GNU tar 1.13.25 permite a atacantes sobreescribir ficheros arbitrarios durante la extracción de archivos usando un ataque similar al identificado como CAN-2001-1269. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000538 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2001-1267
https://notcve.org/view.php?id=CVE-2001-1267
12 Jul 2001 — Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). • ftp://alpha.gnu.org/gnu/tar/tar-1.13.25.tar.gz •