AMANDA 3.5.1
Approved changes feed: RSS · Atom
cpe:2.3:a:amanda:amanda:3.5.1:*:*:*:*:*:*:*
part: a version: 3.5.1 update: *
| Vendor | Amanda (a5cafbf0-03fc-58f5-8d83-d6e37e997977) |
|---|---|
| Product | Amanda (55d0360e-b89f-58f3-a54d-2881b7512d17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:bitbucket/acgt/amanda |
purl2cpe | 2026-06-01 10:12:19.467635 |
pkg:deb/debian/amanda |
purl2cpe | 2026-06-01 10:12:19.467637 |
pkg:deb/ubuntu/amanda |
purl2cpe | 2026-06-01 10:12:19.467638 |
pkg:github/zmanda/amanda |
purl2cpe | 2026-06-01 10:12:19.467640 |
pkg:gitlab/redhat/amanda |
purl2cpe | 2026-06-01 10:12:19.467641 |
pkg:rpm/centos/amanda |
purl2cpe | 2026-06-01 10:12:19.467642 |
pkg:rpm/fedora/amanda |
purl2cpe | 2026-06-01 10:12:19.467644 |
pkg:rpm/opensuse/amanda |
purl2cpe | 2026-06-01 10:12:19.467645 |
pkg:sourceforge/amanda |
purl2cpe | 2026-06-01 10:12:19.467646 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-37703 |
vulnerable | 2026-06-08 05:47:12.984422 |
Details available
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path.
Published: 2022-09-13T00:00:00.000Z
Updated: 2025-11-04T16:09:48.244Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.