Описание
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | java-1.7.1-ibm | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.8.0-ibm | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.7.1-ibm | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.8.0-ibm | Not affected | ||
| Red Hat Enterprise Linux 8 | java-1.8.0-ibm | Not affected | ||
| Red Hat Satellite 5 | java-1.8.0-ibm | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-426
https://bugzilla.redhat.com/show_bug.cgi?id=1685725JDK: local privilege escalation via insecure RPATHs
EPSS
Процентиль: 23%
0.00077
Низкий
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 5.6
nvd
почти 7 лет назад
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
CVSS3: 7.8
github
больше 3 лет назад
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
EPSS
Процентиль: 23%
0.00077
Низкий
7.8 High
CVSS3