VYPR

rpm package

suse/cpio&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

pkg:rpm/suse/cpio&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Vulnerabilities (1)

  • CVE-2023-7207Jan 5, 2024
    affected < 2.13-150400.3.6.1fixed 2.13-150400.3.6.1

    Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.