Описание
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
Ссылки
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitPatchThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:concurrent_versions_software_project:concurrent_versions_software:-:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01251
Низкий
5.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-667
Связанные уязвимости
CVSS3: 5.5
github
почти 4 года назад
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
EPSS
Процентиль: 79%
0.01251
Низкий
5.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-667