exploitDog

GHSA-mrfq-6jmf-4q53

Опубликовано: 25 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7

Описание

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C.

This issue affects iSulad: 2.0.18-13, from 2.1.4-1 through 2.1.4-2.

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C.

This issue affects iSulad: 2.0.18-13, from 2.1.4-1 through 2.1.4-2.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2021-33632

CVSS3: 7

nvd

почти 2 года назад

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files https://gitee.Com/openeuler/iSulad/blob/master/src/cmd/isulad/main.C. This issue affects iSulad: 2.0.18-13, from 2.1.4-1 through 2.1.4-2.

EPSS

Процентиль: 5%

0.00021

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367