GHSA-52x8-2f4w-q8mm

Опубликовано: 03 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

Ссылки

EPSS

Процентиль: 3%

0.00015

Низкий

7.1 High

CVSS3

CVE ID

CVE-2020-28407

Дефекты

CWE-59

Связанные уязвимости

CVE-2020-28407

CVSS3: 7.1

ubuntu

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.3

redhat

около 5 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.1

nvd

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.1

debian

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be ...

EPSS

Процентиль: 3%

0.00015

Низкий

7.1 High

CVSS3

CVE ID

CVE-2020-28407

Дефекты

CWE-59