CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2022-1664 – directory traversal for in-place extracts with untrusted v2 and v3 source packages with debian.tar
https://notcve.org/view.php?id=CVE-2022-1664
26 May 2022 — Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. La función Dpkg::Source::Archive en dpkg, el sistema de administración de paquetes de Debian, versiones anteriores a 1.... • https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 300EXPL: 0CVE-2017-8283
https://notcve.org/view.php?id=CVE-2017-8283
26 Apr 2017 — dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD. Dpkg-source en dpkg en las versiones comprendidas entre la 1.3.0 y la 1.18.23 es capaz de usar un programa de parches non-GNU que no ofrece un mecanismo de protección para diff hunks identadas en blanco,... • http://www.openwall.com/lists/oss-security/2017/04/20/2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 13%CPEs: 52EXPL: 0CVE-2015-0860 – Ubuntu Security Notice USN-2820-1
https://notcve.org/view.php?id=CVE-2015-0860
27 Nov 2015 — Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which triggers a stack-based buffer overflow. Error por un paso en la función extracthalf en dpkg-deb/extract.c en el componente dpkg-deb en Debian dpkg 1.16.x en versiones anteriores a 1.16.17 y 1.17.x en versiones anteriores a... • http://www.debian.org/security/2015/dsa-3407 • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 0%CPEs: 30EXPL: 0CVE-2015-0840 – Ubuntu Security Notice USN-2566-1
https://notcve.org/view.php?id=CVE-2015-0840
09 Apr 2015 — The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). El comando dpkg-source en Debian dpkg anterior a 1.16.16 y 1.17.x anterior a 1.17.25 permite a atacantes remotos evadir verificación de firmas a través de un fichero de control de fuentes de Debian (.dsc) manipulado. Jann Horn discovered that the source package integrity verification in dpkg-source can be bypassed via a spec... • http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157387.html • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 3CVE-2014-8625
https://notcve.org/view.php?id=CVE-2014-8625
20 Jan 2015 — Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. Múltiples vulnerabilidades de cadenas de formatos en la función parse_error_msg en parsehelp.c en dpkg anterior a 1.17.22 permiten a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrari... • http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157387.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.1EPSS: 0%CPEs: 31EXPL: 0CVE-2014-3227
https://notcve.org/view.php?id=CVE-2014-3227
30 May 2014 — dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this vulnerability exists because of reliance on unrealistic constraints on the behavior of a... • http://openwall.com/lists/oss-security/2014/04/29/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 1%CPEs: 64EXPL: 0CVE-2014-3127
https://notcve.org/view.php?id=CVE-2014-3127
14 May 2014 — dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471. dpkg versión 1.15.9 en squeeze de Debian, introduce soporte para l... • http://metadata.ftp-master.debian.org/changelogs//main/d/dpkg/dpkg_1.15.10_changelog • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •