Vulnerability Details CVE-2020-15908
tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/CauldronDevelopmentLLC/cbang/commit/1c1dba62bd3e6fa9d0d0c0aa21926043b75382c7
- https://github.com/CauldronDevelopmentLLC/cbang/compare/1.5.1...1.6.0
- https://github.com/CauldronDevelopmentLLC/cbang/commit/1c1dba62bd3e6fa9d0d0c0aa21926043b75382c7
- https://github.com/CauldronDevelopmentLLC/cbang/compare/1.5.1...1.6.0
Products affected by CVE-2020-15908
-
cpe:2.3:a:cauldrondevelopment:c!:1.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.0.1
-
cpe:2.3:a:cauldrondevelopment:c!:1.1.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.2.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.3.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.3.1
-
cpe:2.3:a:cauldrondevelopment:c!:1.3.2
-
cpe:2.3:a:cauldrondevelopment:c!:1.3.3
-
cpe:2.3:a:cauldrondevelopment:c!:1.4.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.5.0
-
cpe:2.3:a:cauldrondevelopment:c!:1.5.1