CVE-2015-1396
Published: 28 January 2015
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
Priority
CVSS 3 base score: 7.5