Описание
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.1.2 (исключая)
cpe:2.3:a:hardlink_project:hardlink:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00132
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 7.1
ubuntu
около 6 лет назад
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
redhat
больше 14 лет назад
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVSS3: 7.1
debian
около 6 лет назад
Hardlink before 0.1.2 operates on full file system objects path names ...
CVSS3: 7.1
github
почти 4 года назад
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
EPSS
Процентиль: 33%
0.00132
Низкий
7.1 High
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-59