cpio

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A tool to copy files into or out of a cpio or tar archive
Version 2.13-2 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2262 2.13-2 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-38185 AVG-2262 Medium No Arbitrary command execution
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that...