Описание
SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world-writable), which (for example) allows a local user to overwrite files with the privileges of a different user (who is running FlintQS).
Ссылки
- ExploitIssue Tracking
- Issue TrackingPatch
- ExploitIssue Tracking
- Issue TrackingPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sagemath:flintqs:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 7%
0.00028
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 3 года назад
SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world-writable), which (for example) allows a local user to overwrite files with the privileges of a different user (who is running FlintQS).
CVSS3: 5.5
debian
почти 3 года назад
SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world ...
CVSS3: 5.5
github
почти 3 года назад
SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world-writable), which (for example) allows a local user to overwrite files with the privileges of a different user (who is running FlintQS).
EPSS
Процентиль: 7%
0.00028
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo