Описание
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Ссылки
- Patch
- Patch
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
EPSS
5.1 Medium
CVSS2
Дефекты
Связанные уязвимости
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Paste Script 1.7.5 and earlier does not properly set group memberships ...
Paste Script has improper group memberships permissions
ELSA-2012-1206: python-paste-script security update (MODERATE)
EPSS
5.1 Medium
CVSS2