Описание
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:tcmu-runner_project:tcmu-runner:1.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.003
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 3.3
redhat
больше 8 лет назад
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
CVSS3: 7.5
github
больше 3 лет назад
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
EPSS
Процентиль: 53%
0.003
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200