{"api_version":"1","generated_at":"2026-04-22T21:38:01+00:00","cve":"CVE-2019-14866","urls":{"html":"https://cve.report/CVE-2019-14866","api":"https://cve.report/api/cve/CVE-2019-14866.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-14866","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-14866"},"summary":{"title":"CVE-2019-14866","description":"In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2020-01-07 17:15:00","updated_at":"2023-06-04 22:15:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html","name":"https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html","refsource":"MISC","tags":[],"title":"[SECURITY] [DLA 3445-1] cpio security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866","refsource":"CONFIRM","tags":["Exploit","Issue Tracking","Mitigation","Patch","Third Party Advisory"],"title":"1765511 – (CVE-2019-14866) CVE-2019-14866 cpio: improper input validation when writing tar header fields leads to unexpect tar generation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2019-14866","name":"https://access.redhat.com/security/cve/CVE-2019-14866","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html","name":"https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html","refsource":"MISC","tags":["Mailing List","Patch","Third Party Advisory"],"title":"[Bug-cpio] [PATCH] Check for size overflow in tar header fields","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765511","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1765511","refsource":"MISC","tags":[],"title":"1765511 – (CVE-2019-14866) CVE-2019-14866 cpio: improper input validation when writing tar header fields leads to unexpect tar generation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0073","name":"https://access.redhat.com/errata/RHSA-2022:0073","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2021:1582","name":"https://access.redhat.com/errata/RHSA-2021:1582","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html","name":"https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html","refsource":"MISC","tags":["Exploit","Mailing List","Third Party Advisory"],"title":"cpio-2.13 released [stable]","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2020:3908","name":"https://access.redhat.com/errata/RHSA-2020:3908","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-14866","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14866","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnu","cpe5":"cpio","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnu","cpe5":"cpio","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"14866","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-14866","qid":"159187","title":"Oracle Enterprise Linux Security Update for cpio (ELSA-2021-1582)"},{"cve":"CVE-2019-14866","qid":"181827","title":"Debian Security Update for cpio (DLA 3445-1)"},{"cve":"CVE-2019-14866","qid":"239337","title":"Red Hat Update for cpio (RHSA-2021:1582)"},{"cve":"CVE-2019-14866","qid":"239988","title":"Red Hat Update for cpio (RHSA-2022:0073)"},{"cve":"CVE-2019-14866","qid":"377503","title":"Alibaba Cloud Linux Security Update for cpio (ALINUX2-SA-2020:0131)"},{"cve":"CVE-2019-14866","qid":"500862","title":"Alpine Linux Security Update for cpio"},{"cve":"CVE-2019-14866","qid":"504655","title":"Alpine Linux Security Update for cpio"},{"cve":"CVE-2019-14866","qid":"940193","title":"AlmaLinux Security Update for cpio (ALSA-2021:1582)"},{"cve":"CVE-2019-14866","qid":"960855","title":"Rocky Linux Security Update for cpio (RLSA-2021:1582)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2019-14866","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20","cweId":"CWE-20"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"cpio","version":{"version_data":[{"version_affected":"=","version_value":"All cpio versions before 2.13"}]}}]}}]}},"references":{"reference_data":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866"},{"url":"https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html","refsource":"MISC","name":"https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html"},{"url":"https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html","refsource":"MISC","name":"https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html"},{"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html"}]},"impact":{"cvss":[{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","version":"3.0"}]}},"nvd":{"publishedDate":"2020-01-07 17:15:00","lastModifiedDate":"2023-06-04 22:15:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6.9},"severity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnu:cpio:*:*:*:*:*:*:*:*","versionEndExcluding":"2.13","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"14866","Ordinal":"154075","Title":"CVE-2019-14866","CVE":"CVE-2019-14866","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"14866","Ordinal":"1","NoteData":"In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"14866","Ordinal":"2","NoteData":"2020-01-07","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"14866","Ordinal":"3","NoteData":"2020-01-07","Type":"Other","Title":"Modified"}]}}}