VYPR

Pigz

by Zlib

Source repositories

CVEs (2)

  • CVE-2015-1191Jan 21, 2015
    risk 0.00cvss epss 0.03

    Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.

  • CVE-2013-0296Apr 27, 2014
    risk 0.00cvss epss 0.00

    Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring.