Vulnerabilities > GNU > Cpio > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-08 CVE-2021-38185 Integer Overflow or Wraparound vulnerability in GNU Cpio
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write.
local
low complexity
gnu CWE-190
7.8
2020-01-07 CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives.
local
low complexity
gnu redhat
7.3