How severe is CVE-2022-1271?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2022-1271?

This is classified as CWE-179, which is a common weakness in software security.

CVE-2022-1271 - HIGH Severity | CVSS 8.8

Vulnerability Description

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Related Vulnerabilities

CVE-2025-4759

MEDIUM

CVSS:8.3(High)

Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by ex...

CWE-1792025

CVE-2025-4759

MEDIUM

CVSS:8.3(High)

CWE-1792025

CVE-2024-41686

HIGH

CVSS:3.3(Low)

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the ...

CWE-1792024