CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-7216

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.0%

CVSS Severity

CVSS v3 Score 5.3

References

https://access.redhat.com/security/cve/CVE-2023-7216
https://bugzilla.redhat.com/show_bug.cgi?id=2249901
https://access.redhat.com/security/cve/CVE-2023-7216
https://bugzilla.redhat.com/show_bug.cgi?id=2249901

Products affected by CVE-2023-7216

Gnu » Cpio » Version: N/A

cpe:2.3:a:gnu:cpio:-
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux » Version: 9.0

cpe:2.3:o:redhat:enterprise_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-7216

Products

Pricing

Contact Us