VDB
DEBIAN-CVE-2010-4651
DEBIAN-CVE-2010-4651
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | patch | 2.7.6-7, 2.8-2, 2.8-1 |
| Debian:13 | patch | 2.8-2, 2.8-2, 0 |
| Debian:11 | patch | 0, 0, 2.7.6-7 |
| Debian:14 | patch | 0, 2.8-2, 0 |
Timeline
- Mar 11, 2011 CVE Published
- Apr 28, 2026 CVE Updated