CVE-2021-40153 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Directory traversal
Description	squashfs_opendir in unsquash-1.c in Squashfs-Tools before version 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2328	squashfs-tools	4.4_git.1-1	4.5-1	Medium	Fixed

References
https://github.com/plougher/squashfs-tools/issues/72 https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646