CVE-2020-25031

Опубликовано: 31 авг. 2020

Источник: debian

EPSS Низкий

Описание

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

Пакет	Статус	Версия исправления	Релиз	Тип
checkinstall	unfixed			package

https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1861281
Does not cross any reasonable trust boundary, the packages to be installed need to be
trusted to begin with, a rogue package can cause more harm than a 777 binary

EPSS

Процентиль: 16%

0.00051

Низкий

CVE-2020-25031

CVSS3: 7.8

ubuntu

больше 5 лет назад

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

CVE-2020-25031

CVSS3: 7.8

nvd

больше 5 лет назад

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

GHSA-3qwr-jvvx-5665

github

больше 3 лет назад

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

EPSS

Процентиль: 16%

0.00051

Низкий