CVE-2010-1679

CWE-22Path Traversal9 documents8 sources
Severity
6.8MEDIUM
EPSS
0.8%
top 26.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Dpkg
Timeline
PublishedJan 11
Latest updateMay 17

Description

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Debiandpkg< 1.15.8.8+3
NVDdebian/dpkg1.14.30+124

🔴Vulnerability Details

3
GHSA
GHSA-4qj2-qwgp-vc99: Directory traversal vulnerability in dpkg-source in dpkg before 12022-05-17
CVEList
CVE-2010-1679: Directory traversal vulnerability in dpkg-source in dpkg before 12011-01-11
OSV
CVE-2010-1679: Directory traversal vulnerability in dpkg-source in dpkg before 12011-01-11

📋Vendor Advisories

3
Ubuntu
dpkg vulnerability2011-01-06
Red Hat
patch: directory traversal flaw allows for arbitrary file creation2010-12-30
Debian
CVE-2010-1679: dpkg - Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15...2010

💬Community

2
Bugzilla
CVE-2010-1679 dpkg: directory traversal flaw allows for arbitrary file creation2011-01-12
Bugzilla
CVE-2010-1679 CVE-2011-0402 dpkg various flaws [fedora-all]2011-01-12
CVE-2010-1679 (MEDIUM CVSS 6.8) | Directory traversal vulnerability i | cvebase.io