CVE-2019-12450

Опубликовано: 23 мая 2019

Источник: redhat

CVSS3: 6.6

EPSS Низкий

Описание

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

Отчет

This issue affects the versions of glib2 as shipped with Red Hat Enterprise Linux 6, 7 and 8 . Red Hat Product Security has rated this issue as having a security impact of Moderate. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	glib2	Not affected
Red Hat Enterprise Linux 6	chromium-browser	Out of support scope
Red Hat Enterprise Linux 6	firefox	Out of support scope
Red Hat Enterprise Linux 6	glib2	Out of support scope
Red Hat Enterprise Linux 6	thunderbird	Out of support scope
Red Hat Enterprise Linux 7	glib2	Fixed	RHSA-2020:3978	29.09.2020
Red Hat Enterprise Linux 7	ibus	Fixed	RHSA-2020:3978	29.09.2020
Red Hat Enterprise Linux 8	glib2	Fixed	RHSA-2019:3530	05.11.2019
Red Hat OpenShift Do	openshiftdo/odo-init-image-rhel7	Fixed	RHSA-2021:0949	22.03.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-552

https://bugzilla.redhat.com/show_bug.cgi?id=1719141glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress

EPSS

Процентиль: 75%

0.00917

Низкий

6.6 Medium

CVSS3

Связанные уязвимости

CVE-2019-12450

CVSS3: 9.8

ubuntu

больше 6 лет назад

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

CVE-2019-12450

CVSS3: 9.8

nvd

больше 6 лет назад

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

CVE-2019-12450

CVSS3: 9.8

msrc

около 5 лет назад

Описание отсутствует

CVE-2019-12450

CVSS3: 9.8

debian

больше 6 лет назад

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 ...

openSUSE-SU-2019:1650-1

suse-cvrf

около 6 лет назад

Security update for glib2

EPSS

Процентиль: 75%

0.00917

Низкий

6.6 Medium

CVSS3