GNU : Security Vulnerabilities, CVEs, Published In 2002 (Directory traversal) CVSS score >= 3
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
Max CVSS
5.0
EPSS Score
4.62%
Published
2002-12-18
Updated
2018-10-19
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
Max CVSS
5.0
EPSS Score
8.20%
Published
2002-10-10
Updated
2018-10-19
2 vulnerabilities found