cpio
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A tool to copy files into or out of a cpio or tar archive |
| Version | 2.15-1 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2262 | 2.13-2 | Medium | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-38185 | AVG-2262 | Medium | No | Arbitrary command execution | GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that... |