CVE-2009-4013
lintian - multiple vulnerabilities
CVSS 3.1: 9.8 (CRITICAL)
EPSS 0.84%
Description
Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.
How to fix CVE-2009-4013
To remediate CVE-2009-4013, upgrade the affected package to a fixed version below.
- upgrade to 2.3.2 or later
- upgrade to 1.23.28+etch1 or later
Is CVE-2009-4013 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.3.2
- from 0, < 1.23.28+etch1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |