Total vulnerabilities in the database
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
| Software | From | Fixed in |
|---|---|---|
| libarchive / libarchive | - | 3.5.2 |
| fedoraproject / fedora | 35 | 35.x |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux_for_power_little_endian | 8.0 | 8.0.x |
| redhat / enterprise_linux_for_ibm_z_systems | 8.0 | 8.0.x |
| redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 8.6 | 8.6.x |
| redhat / enterprise_linux_for_ibm_z_systems_eus | 8.6 | 8.6.x |
| redhat / enterprise_linux_server_aus | 8.6 | 8.6.x |
| redhat / enterprise_linux_server_tus | 8.6 | 8.6.x |
| redhat / enterprise_linux_eus | 8.6 | 8.6.x |
| redhat / enterprise_linux_for_power_little_endian_eus | 8.6 | 8.6.x |
| debian / debian_linux | 10.0 | 10.0.x |
| splunk / universal_forwarder | 9.1.0 | 9.1.0.x |
| splunk / universal_forwarder | 9.0.0 | 9.0.6 |
| splunk / universal_forwarder | 8.2.0 | 8.2.12 |