CVE-2019-16767

Опубликовано: 29 нояб. 2019

Источник: nvd

CVSS3: 6.6

CVSS3: 7.2

CVSS2: 9

EPSS Низкий

Описание

The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)

Ссылки

https://github.com/Inist-CNRS/ezmaster/blob/master/CHANGELOG.md#ezmaster-5211
Third Party Advisory
https://github.com/Inist-CNRS/ezmaster/pull/51
Patch
Third Party Advisory
https://github.com/Inist-CNRS/ezmaster/security/advisories/GHSA-g654-5qjf-g6cx
Third Party Advisory
https://github.com/Inist-CNRS/ezmaster/blob/master/CHANGELOG.md#ezmaster-5211
Third Party Advisory
https://github.com/Inist-CNRS/ezmaster/pull/51
Patch
Third Party Advisory
https://github.com/Inist-CNRS/ezmaster/security/advisories/GHSA-g654-5qjf-g6cx
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:inist:ezmaster:*:*:*:*:*:*:*:*

Версия до 5.2.11 (исключая)

EPSS

Процентиль: 53%

0.003

Низкий

6.6 Medium

CVSS3

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-250

NVD-CWE-noinfo

Связанные уязвимости

GHSA-5jf4-jh9g-7766

github

больше 3 лет назад

The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)

EPSS

Процентиль: 53%

0.003

Низкий

6.6 Medium

CVSS3

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-250

NVD-CWE-noinfo