squashfs-tools

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Tools for squashfs, a highly compressed read-only filesystem for Linux.
Version 4.5-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2380 4.5-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-41072 AVG-2380 Medium Yes Directory traversal
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows directory traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2328 4.4_git.1-1 4.5-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-40153 AVG-2328 Medium Yes Directory traversal
squashfs_opendir in unsquash-1.c in Squashfs-Tools before version 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create...