[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2010-4226
From: |
Sergey Poznyakoff |
Subject: |
Re: CVE-2010-4226 |
Date: |
Sat, 18 Jun 2022 17:41:43 +0200 |
User-agent: |
MH (GNU Mailutils 3.15) |
Jon Slobodzian <joslobo@microsoft.com> ha escrit:
> NIST (and subsequently our tooling) suggests that this CVE is active
> against all versions of cpio:
> https://nvd.nist.gov/vuln/detail/CVE-2010-4226.
I wasn't able to find any description of the "vulnerability" in
question. All links from this page either end up at 502 error somewhere
at SUSE or suggest that cpio can "overwrite arbitrary files via a
symlink within an RPM package archive". That is certainly not enough
to have any position regarding this report.
Best,
Sergey
- CVE-2010-4226, Jon Slobodzian, 2022/06/18
- Re: CVE-2010-4226,
Sergey Poznyakoff <=