CVE-2015-1193

pax 1:20140703 - Path Traversal and Arbitrary File Write via Archive Pathname

Title source: llm
STIX 2.1

Description

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/01/18/3

Scores

EPSS 0.0155
EPSS Percentile 72.1%

Details

CWE
CWE-22
Status published
Products (1)
pax_project/pax 1\ 20140703
Published Jan 21, 2015
Tracked Since Feb 18, 2026