CVE-2023-7216

CVSS V2 None CVSS V3 None
Description
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.
Overview
  • CVE ID
  • CVE-2023-7216
  • Assigner
  • redhat
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-02-05T15:12:17.193Z
  • Last Modified Date
  • 2024-06-12T12:25:57.457Z
References
Reference URL Reference Tags
https://access.redhat.com/security/cve/CVE-2023-7216 vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2249901 issue-tracking x_refsource_REDHAT
History
Created Old Value New Value Data Type Notes
2024-06-25 02:52:42 Added to TrackCVE