cpio (SUSE:Linux Enterprise Server for SAP Applications 12 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 SP4 package cpio, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-38185 — CVSS 7.8 (high): GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer…
CVE-2019-14866 — CVSS 7.3 (high): In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR…