Skip to main content

Squashfs Tools

2 CVEs product

Monthly

CVE-2021-41072 HIGH POC PATCH This Week

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Debian Linux
NVD GitHub
CVSS 3.1
8.1
EPSS
2.3%
CVE-2021-40153 HIGH POC PATCH This Week

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Fedora Debian Linux Enterprise Linux
NVD GitHub
CVSS 3.1
8.1
EPSS
2.5%
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Debian Linux
NVD GitHub
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Squashfs Tools Fedora +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy