Описание
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
Ссылки
- Third Party Advisory
- Release Notes
- Mailing ListThird Party Advisory
- Third Party Advisory
- Release Notes
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.23.0 (включая) до 2.1.1 (исключая)
cpe:2.3:a:fishshell:fish:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00109
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 7
ubuntu
около 6 лет назад
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
CVSS3: 7
debian
около 6 лет назад
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does ...
github
больше 3 лет назад
The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name.
EPSS
Процентиль: 30%
0.00109
Низкий
7 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-362