Vulnerabilities > Debian > Dpkg > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-1664 Path Traversal vulnerability in multiple products
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability.
network
low complexity
debian netapp CWE-22
critical
9.8
2017-04-26 CVE-2017-8283 Path Traversal vulnerability in Debian Dpkg
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source on NetBSD.
network
low complexity
debian CWE-22
critical
9.8