Vulnerabilities > GNU > Cpio > 2.13
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-08 | CVE-2021-38185 | Integer Overflow or Wraparound vulnerability in GNU Cpio GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. | 7.8 |
| 2020-01-07 | CVE-2019-14866 | In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. | 7.3 |