Showing 1 - 5 of 5

CVE-2020-14352

Status Candidate

Overview

A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories.

Related Files

Red Hat Security Advisory 2020-5012-01: Posted Nov 10, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5012-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2020-14352; SHA-256 | 85ff30fb487a0a6d9b0d6405bfe606b3694384cb3fd24b2e4d6d0cf405acb87c; Download | Favorite | View

Red Hat Security Advisory 2020-4201-01: Posted Oct 7, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4201-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2019-11756, CVE-2019-17006, CVE-2019-17023, CVE-2020-12402, CVE-2020-12825, CVE-2020-14352, CVE-2020-14365, CVE-2020-15586, CVE-2020-16845; SHA-256 | 3d8b1c7224e8a2deee960b7668ead051da2664d66a79b155eb862d4b51810393; Download | Favorite | View

Red Hat Security Advisory 2020-3756-01: Posted Sep 15, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3756-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2020-14352; SHA-256 | a0672f9c6434ac91b420476fae2e94c3bde749deb7e9eccd76c148d2fa5e4b8a; Download | Favorite | View

Red Hat Security Advisory 2020-3749-01: Posted Sep 15, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3749-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2020-14352; SHA-256 | f2a8493e6bfb74fbfb4e576afd201300cc783d8e0cc85a1e307d449e5d20c98d; Download | Favorite | View

Red Hat Security Advisory 2020-3658-01: Posted Sep 8, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3658-01 - The librepo library provides a C and Python API to download repository metadata. Issues addressed include a traversal vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2020-14352; SHA-256 | acbd1c7d616ab385b0246e8f8c53415649ebfdefb57d3901fbc73adbe78e651f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2020-14352

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems