Pax Project » PAX : Security Vulnerabilities, CVEs,
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Max CVSS
4.3
EPSS Score
0.20%
Published
2015-01-21
Updated
2015-01-23
Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
Max CVSS
5.0
EPSS Score
0.28%
Published
2015-01-21
Updated
2015-01-23
2 vulnerabilities found