CVE-2018-10897

HIGH

yum-utils < 1.1.31 - Path Traversal via Remote Repository Configuration

Title source: llm
STIX 2.1

Description

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041594
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2285
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2284
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2626
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897
Third Party Advisory x_refsource_confirm
https://github.com/rpm-software-management/yum-utils/pull/43

Scores

CVSS v3 8.1
EPSS 0.0573
EPSS Percentile 92.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22 CWE-59
Status published
Products (8)
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_workstation 6.0
redhat/enterprise_linux_workstation 7.0
redhat/virtualization 4.0
rpm/yum-utils < 1.1.31
Published Aug 01, 2018
Tracked Since Feb 18, 2026