AVG-2262 log

Package cpio
Status Vulnerable
Severity Medium
Type arbitrary command execution
Affected 2.13-2
Fixed Unknown
Current 2.15-1 [extra]
Ticket Create
Created Sun Aug 8 07:33:45 2021
Issue Severity Remote Type Description
CVE-2021-38185 Medium No Arbitrary command execution
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that...