Medium severity5.3NVD Advisory· Published Feb 5, 2024· Updated Jun 17, 2026
CVE-2023-7216
CVE-2023-7216
Description
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:/o:redhat:enterprise_linux:6+ 3 more
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingThird Party Advisory
- access.redhat.com/security/cve/CVE-2023-7216nvdThird Party Advisory
News mentions
0No linked articles in our index yet.