{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T17:06:39.403","vulnerabilities":[{"cve":{"id":"CVE-2015-1395","sourceIdentifier":"security@debian.org","published":"2017-08-25T18:29:00.590","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name."},{"lang":"es","value":"Una vulnerabilidad de salto de directorio en GNU en versiones de parche que soportan parcheo Git-style en versiones anteriores a la 2.7.3 permite que atacantes remotos escriban en archivos arbitrarios con los permisos del usuario objetivo mediante un \"..\" (dot dot) en el nombre de un archivo diff."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:C/A:N","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"COMPLETE","availabilityImpact":"NONE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*","matchCriteriaId":"FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","matchCriteriaId":"56BDB5A0-0839-4A20-A003-B8CD56F48171"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","matchCriteriaId":"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","matchCriteriaId":"49A63F39-30BE-443F-AF10-6245587D3359"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7.2","matchCriteriaId":"69B24AD1-B489-4673-9236-3530B01892B4"}]}]}],"references":[{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html","source":"security@debian.org","tags":["Patch","Third Party Advisory"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html","source":"security@debian.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2015/01/27/28","source":"security@debian.org","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/72846","source":"security@debian.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.ubuntu.com/usn/USN-2651-1","source":"security@debian.org","tags":["Patch","Third Party Advisory"]},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873","source":"security@debian.org","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184490","source":"security@debian.org","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704ba04e0371d2cbd","source":"security@debian.org","tags":["Issue Tracking","Patch"]},{"url":"https://savannah.gnu.org/bugs/?44059","source":"security@debian.org","tags":["Patch","Vendor Advisory"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2015/01/27/28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/72846","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.ubuntu.com/usn/USN-2651-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184490","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704ba04e0371d2cbd","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"]},{"url":"https://savannah.gnu.org/bugs/?44059","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}