CVE-2005-1228
EPSS 4.6%
Description
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
How to fix CVE-2005-1228
To remediate CVE-2005-1228, upgrade the affected package to a fixed version below.
- Debian/gzip—upgrade to 1.3.5-10 or later
Is CVE-2005-1228 being exploited?
Low — EPSS is 4.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.5-10