Security Advisory

CVE-2023-7216

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-05 15:12:17

Last updated 2026-02-25 19:39:05

Assigner redhat

State PUBLISHED

Description

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

← Browse all CVEs View on cve.org ↗