cbcvebase.
CVE-2014-3864
published 2014-05-30

CVE-2014-3864: Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted…

PriorityP433medium6.4CVSS 2.0
AVNACLAuNCNIPAP
EPSS
2.83%
84.8th percentile
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line.

Affected

6 ranges
VendorProductVersion rangeFixed in
debiandpkg< dpkg 1.17.10 (bookworm)dpkg 1.17.10 (bookworm)
debiandpkg>= 0 < 1.17.101.17.10
debiandpkg>= 0 < 1.17.101.17.10
debiandpkg>= 0 < 1.17.101.17.10
debiandpkg>= 0 < 1.17.101.17.10
debiandpkg-dev

CVSS provenance

nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:P
osv6.4MEDIUM
vendor_debian6.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.