Описание
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname.
Ссылки
- Release NotesThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.6.0 (включая) до 0.6.4 (исключая)
cpe:2.3:a:seatd_project:seatd:*:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01674
Низкий
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-668
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 4 года назад
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname.
CVSS3: 9.8
debian
почти 4 года назад
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with es ...
CVSS3: 9.8
github
почти 4 года назад
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname.
EPSS
Процентиль: 82%
0.01674
Низкий
9.8 Critical
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-668