CVE-2010-4226

NameCVE-2010-4226
Descriptioncpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

NOT-FOR-US: OpenSuSE build services
This might qualify as a cpio hardening issue, but this CVE-ID is not about cpio itself.

Search for package or bug name: Reporting problems