GHSA-q24q-c8xg-xmvg

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt//maps, (2) /tmp/jvm-/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

Ссылки

EPSS

Процентиль: 89%

0.04833

Низкий

7.8 High

CVSS3

CVE ID

CVE-2015-3315

Дефекты

CWE-59

Связанные уязвимости

CVE-2015-3315

redhat

больше 10 лет назад

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

CVE-2015-3315

CVSS3: 7.8

nvd

около 8 лет назад

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm.

ELSA-2015-1210

oracle-oval

около 10 лет назад

ELSA-2015-1210: abrt security update (MODERATE)

ELSA-2015-1083

oracle-oval

около 10 лет назад

ELSA-2015-1083: abrt security update (IMPORTANT)

EPSS

Процентиль: 89%

0.04833

Низкий

7.8 High

CVSS3

CVE ID

CVE-2015-3315

Дефекты

CWE-59