CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-31272

SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/SerenityOS/serenity/issues/3991
https://github.com/SerenityOS/serenity/issues/3992
https://github.com/SerenityOS/serenity/pull/5713
https://github.com/SerenityOS/serenity/pull/5713/commits/3844e8569689dd476064a0759d704bc64fb3ca2c
https://github.com/SerenityOS/serenity/issues/3991
https://github.com/SerenityOS/serenity/issues/3992
https://github.com/SerenityOS/serenity/pull/5713
https://github.com/SerenityOS/serenity/pull/5713/commits/3844e8569689dd476064a0759d704bc64fb3ca2c

Products affected by CVE-2021-31272

Serenityos » Serenityos » Version: N/A

cpe:2.3:o:serenityos:serenityos:-
Serenityos » Serenityos » Version: 2019-12-30

cpe:2.3:o:serenityos:serenityos:2019-12-30
Serenityos » Serenityos » Version: 2021-01-27

cpe:2.3:o:serenityos:serenityos:2021-01-27
Serenityos » Serenityos » Version: 2021-03-27

cpe:2.3:o:serenityos:serenityos:2021-03-27

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-31272

Products

Pricing

Contact Us