CVE-2010-0396
dpkg - path traversal
EPSS 0.40%
Description
Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.
How to fix CVE-2010-0396
To remediate CVE-2010-0396, upgrade the affected package to a fixed version below.
- Debian/dpkg—upgrade to 1.15.6 or later
- Debian/dpkg—upgrade to 1.14.29 or later
Is CVE-2010-0396 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.15.6
- from 0, < 1.14.29