CVE-2010-1679
dpkg - directory traversal
EPSS 0.79%
Description
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
How to fix CVE-2010-1679
To remediate CVE-2010-1679, upgrade the affected package to a fixed version below.
- Debian/dpkg—upgrade to 1.15.8.8 or later
- Debian/dpkg—upgrade to 1.14.31 or later
Is CVE-2010-1679 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.15.8.8
- from 0, < 1.14.31