CVE-2022-27816

Опубликовано: 30 мар. 2022

Источник: nvd

CVSS3: 7.1

CVSS2: 3.3

EPSS Низкий

Описание

SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service.

Ссылки

http://www.openwall.com/lists/oss-security/2022/04/14/1
Exploit
Mailing List
Patch
Third Party Advisory
https://github.com/waycrate/swhkd/commit/0b620a09605afb815c6d8d8953bbb7a10a8c0575
Patch
Third Party Advisory
https://github.com/waycrate/swhkd/releases
Release Notes
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/04/14/1
Exploit
Mailing List
Patch
Third Party Advisory
https://github.com/waycrate/swhkd/commit/0b620a09605afb815c6d8d8953bbb7a10a8c0575
Patch
Third Party Advisory
https://github.com/waycrate/swhkd/releases
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:waycrate:swhkd:1.1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00119

Низкий

7.1 High

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-59

Связанные уязвимости

GHSA-8m49-2xj8-67v9

CVSS3: 7.1

github

почти 4 года назад

Data Loss/Denial of Service in SWHKD

BDU:2022-02459

CVSS3: 9.1

fstec