admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#4257

Browse Source 
Auto-merge PR#4257
This commit is contained in:
CVE Team 2020-07-07 11:25:16 -04:00 committed by GitHub
commit cef67ea833
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/7xxx/CVE-2020-7667.json
View File

@ -63,7 +63,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading \"..\" which leads in file extraction outside of the current directory. Note: the fixing commit was applied to all affected versions which were re-released." "value": "In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading \"..\" which leads in file extraction outside of the current directory. Note: the fixing commit was applied to all affected versions which were re-released."
} }
] ]
}, },
@ -89,4 +89,4 @@
"value": "Georgios Gkitsas of Snyk Security Team" "value": "Georgios Gkitsas of Snyk Security Team"
} }
] ]
} }