CVE-2021-38185|GNU cpio through 2.13 allows... - VULHUB开源网络安全威胁库

GNU cpio through 2.13 allows... CVE-2021-38185

6.8 AV AC AU C I A

发布： 2021-08-08

修订： 2023-06-04

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

相关漏洞清单查看更多>

An arbitrary file write... (VHN-419384)
2024-08-26
A flaw was found in Python,... (VHN-410289)
2023-06-30
Istio是一套连接、管理和保护微服务的开放平台。 Istio... (VHN-422732)
2022-06-17
Envoy是一款开源的分布式代理服务器。 Envoy 1.22.1... (VHN-420759)
2022-06-16
Envoy是一款开源的分布式代理服务器。 Envoy 1.22.1... (VHN-420760)
2022-06-16
Envoy是一款开源的分布式代理服务器。 Envoy 1.22.1... (VHN-420762)
2023-11-07
Envoy是一款开源的分布式代理服务器。 Envoy 1.22.1... (VHN-420758)
2023-11-07
Improper Removal of Sensitive... (VHN-419763)
2023-08-02
encoding/pem in Go before 1.17.9 and... (VHN-414456)
2023-11-07
The generic P-256 feature in... (VHN-419234)
2023-11-07