CVE-2020-28407

Опубликовано: 03 нояб. 2023

Источник: debian

EPSS Низкий

Описание

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
swtpm	not-affected			package

EPSS

Процентиль: 3%

0.00015

Низкий

Связанные уязвимости

CVE-2020-28407

CVSS3: 7.1

ubuntu

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.3

redhat

около 5 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.1

nvd

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

GHSA-52x8-2f4w-q8mm

CVSS3: 7.1

github

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

EPSS

Процентиль: 3%

0.00015

Низкий