Security Advisory

CVE-2020-7666

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-01 13:55:17

Last updated 2024-09-16 20:41:57

Assigner snyk

State PUBLISHED

Description

This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.

← Browse all CVEs View on cve.org ↗