Vulnerabilities > CVE-2023-7216

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

gnu

redhat

NVD

Published: 2024-02-05

Updated: 2024-11-21

Summary

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Cpio -	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0	3

References

https://access.redhat.com/security/cve/CVE-2023-7216
https://access.redhat.com/security/cve/CVE-2023-7216
https://bugzilla.redhat.com/show_bug.cgi?id=2249901
https://bugzilla.redhat.com/show_bug.cgi?id=2249901

Vulnerabilities > CVE-2023-7216 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2023-7216"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2023-7216