CVE-2022-48682

Опубликовано: 26 апр. 2024

Источник: debian

EPSS Низкий

Описание

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

Пакет	Статус	Версия исправления	Релиз	Тип
fdupes	fixed	1:2.2.1-1		package
fdupes	no-dsa		bullseye	package
fdupes	postponed		buster	package

https://bugzilla.suse.com/show_bug.cgi?id=1200381
https://github.com/adrianlopezroche/fdupes/commit/85680897148f1ac33b55418e00334116e419717f (v2.2.0)

EPSS

Процентиль: 12%

0.00041

Низкий

CVE-2022-48682

CVSS3: 6

ubuntu

почти 2 года назад

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

CVE-2022-48682

CVSS3: 6

nvd

почти 2 года назад

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

GHSA-4g22-x6m7-r675

CVSS3: 6

github

почти 2 года назад

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

EPSS

Процентиль: 12%

0.00041

Низкий