Описание
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
Ссылки
- Not Applicable
- Release Notes
- Release Notes
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Not Applicable
- Release Notes
- Release Notes
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.2.6 (исключая)
Одно из
cpe:2.3:a:openpmix:openpmix:*:*:*:*:*:*:*:*
cpe:2.3:a:openpmix:openpmix:5.0.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.01033
Низкий
8.1 High
CVSS3
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 8.1
ubuntu
почти 2 года назад
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
CVSS3: 8.1
redhat
почти 2 года назад
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
CVSS3: 8.1
debian
почти 2 года назад
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to ...
EPSS
Процентиль: 76%
0.01033
Низкий
8.1 High
CVSS3
Дефекты
CWE-362