Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Tools for squashfs, a highly compressed read-only filesystem for Linux
Version 4.6.1-1 [extra]


Group Affected Fixed Severity Status Ticket
AVG-2380 4.5-1 4.5.1-1 Medium Fixed
AVG-2328 4.4_git.1-1 4.5-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-41072 AVG-2380 Medium Yes Directory traversal
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows directory traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that...
CVE-2021-40153 AVG-2328 Medium Yes Directory traversal
squashfs_opendir in unsquash-1.c in Squashfs-Tools before version 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create...