CVE-2017-0359 - diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted arc

CVE-2017-0359

Summary

diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.

References

Vulnerable Configurations

cpe:2.3:a:reproducible_builds:diffoscope:1:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:1:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:2:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:2:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:3:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:3:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:4:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:4:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:5:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:5:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:6:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:6:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:7:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:7:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:8:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:8:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:9:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:9:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:10:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:10:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:11:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:11:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:12:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:12:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:13:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:13:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:14:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:14:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:15:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:15:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:16:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:16:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:17:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:17:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:18:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:18:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:19:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:19:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:20:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:20:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:21:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:21:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:22:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:22:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:23:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:23:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:24:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:24:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:25:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:25:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:26:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:26:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:27:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:27:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:28:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:28:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:29:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:29:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:30:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:30:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:31:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:31:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:32:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:32:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:33:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:33:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:34:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:34:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:35:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:35:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:36:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:36:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:37:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:37:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:38:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:38:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:39:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:39:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:40:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:40:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:41:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:41:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:42:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:42:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:43:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:43:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:44:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:44:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:45:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:45:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:46:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:46:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:47:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:47:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:48:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:48:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:49:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:49:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:50:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:50:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:51:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:51:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:52:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:52:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:53:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:53:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:54:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:54:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:55:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:55:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:56:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:56:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:57:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:57:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:58:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:58:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:59:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:59:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:60:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:60:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:61:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:61:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:62:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:62:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:63:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:63:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:64:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:64:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:65:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:65:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:66:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:66:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:67:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:67:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:68:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:68:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:69:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:69:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:70:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:70:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:71:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:71:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:72:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:72:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:73:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:73:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:74:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:74:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:75:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:75:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:76:*:*:*:*:*:*:*
cpe:2.3:a:reproducible_builds:diffoscope:76:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 03-12-2019 - 18:57)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

Last major update

03-12-2019 - 18:57

Published

13-04-2018 - 16:29

Last modified

03-12-2019 - 18:57