squashfs-tools
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Tools for squashfs, a highly compressed read-only filesystem for Linux |
| Version | 4.6.1-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2380 | 4.5-1 | 4.5.1-1 | Medium | Fixed | |
| AVG-2328 | 4.4_git.1-1 | 4.5-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-41072 | AVG-2380 | Medium | Yes | Directory traversal | squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows directory traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that... |
| CVE-2021-40153 | AVG-2328 | Medium | Yes | Directory traversal | squashfs_opendir in unsquash-1.c in Squashfs-Tools before version 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create... |