VulnerableCode Package Details - pkg:deb/debian/dpkg@1.19.8

Search for packages

Vulnerability	Summary	Fixed by
VCID-hy4s-c76f-aaak Aliases: CVE-2022-1664	Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.	1.20.13 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-hy4s-c76f-aaak
Aliases:
CVE-2022-1664

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.

1.20.13
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-hy4s-c76f-aaak	Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.	CVE-2022-1664

Vulnerability

Summary

Aliases

VCID-hy4s-c76f-aaak

CVE-2022-1664

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T14:55:29.626239+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T04:28:44.699938+00:00	Debian Oval Importer	Affected by	VCID-hy4s-c76f-aaak	None	36.1.3
2025-06-21T01:19:01.552643+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	None	36.1.3
2025-06-08T07:48:58.026306+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-07T22:05:06.107132+00:00	Debian Oval Importer	Affected by	VCID-hy4s-c76f-aaak	None	36.1.0
2025-06-07T18:41:47.467565+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	None	36.1.0
2025-04-12T22:08:11.959937+00:00	Debian Oval Importer	Affected by	VCID-hy4s-c76f-aaak	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T06:21:24.599178+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T20:36:17.987781+00:00	Debian Oval Importer	Affected by	VCID-hy4s-c76f-aaak	None	36.0.0
2025-04-07T17:19:35.825086+00:00	Debian Oval Importer	Fixing	VCID-hy4s-c76f-aaak	None	36.0.0