Описание
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:3.14-1.1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 1:3.14-1.1 |
| quantal | not-affected | 1:3.14-1.1 |
| raring | not-affected | 1:3.14-1.1 |
| saucy | not-affected | 1:3.14-1.1 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 63%
0.00433
Низкий
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
CVSS3: 7.5
debian
больше 7 лет назад
pyro before 3.15 unsafely handles pid files in temporary directory loc ...
CVSS3: 7.5
github
больше 7 лет назад
Pyro mishandles pid files in temporary directory locations and opening the pid file as root
EPSS
Процентиль: 63%
0.00433
Низкий
5 Medium
CVSS2
7.5 High
CVSS3