Canonical » Ubuntu Linux : Security Vulnerabilities, CVEs, Published In 2017 (Directory traversal)
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
Max CVSS
7.3
EPSS Score
0.06%
Published
2017-04-05
Updated
2017-08-16
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
Max CVSS
7.5
EPSS Score
0.88%
Published
2017-08-31
Updated
2019-10-09
A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability.
Max CVSS
5.8
EPSS Score
0.51%
Published
2017-01-06
Updated
2017-03-30
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
Max CVSS
7.8
EPSS Score
0.29%
Published
2017-08-25
Updated
2017-08-30
Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
Max CVSS
7.5
EPSS Score
1.26%
Published
2017-08-07
Updated
2021-02-19
5 vulnerabilities found