CVE-2010-0396

CWE-22Path Traversal8 documents8 sources
Severity
5.8MEDIUM
EPSS
0.4%
top 39.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Dpkg
Timeline
PublishedMar 15
Latest updateMay 2

Description

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 8.6 | Impact: 4.9

Affected Packages2 packages

NVDdebian/dpkg1.14.28+94
Debiandpkg< 1.15.6+3

Patches

Patch: security.debian.orgPatch: www.debian.orgPatch: security.debian.org

🔴Vulnerability Details

3
GHSA
GHSA-8p9h-cf62-j26q: Directory traversal vulnerability in the dpkg-source component in dpkg before 12022-05-02
OSV
CVE-2010-0396: Directory traversal vulnerability in the dpkg-source component in dpkg before 12010-03-15
CVEList
CVE-2010-0396: Directory traversal vulnerability in the dpkg-source component in dpkg before 12010-03-12

📋Vendor Advisories

3
Ubuntu
dpkg vulnerability2010-03-11
Red Hat
dpkg: path traversal issue2010-03-10
Debian
CVE-2010-0396: dpkg - Directory traversal vulnerability in the dpkg-source component in dpkg before 1....2010

💬Community

1
Bugzilla
CVE-2010-0396 dpkg: path traversal issue2010-03-11
CVE-2010-0396 (MEDIUM CVSS 5.8) | Directory traversal vulnerability i | cvebase.io