squashfs-tools - Arch Linux
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2380 | 4.5-1 | Medium | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-41072 | AVG-2380 | Medium | Yes | Directory traversal | squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows directory traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2328 | 4.4_git.1-1 | 4.5-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-40153 | AVG-2328 | Medium | Yes | Directory traversal | squashfs_opendir in unsquash-1.c in Squashfs-Tools before version 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create... |