Описание
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.4.8-2 |
| cosmic | not-affected | 2.4.8-2 |
| devel | not-affected | 2.4.8-2 |
| disco | not-affected | 2.4.8-2 |
| esm-apps/bionic | not-affected | 2.4.8-2 |
| esm-apps/xenial | not-affected | 2.4.8-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.5.0really1.2.7-1 |
| cosmic | not-affected | 1.5.0really1.2.7-1 |
| devel | not-affected | 1.5.0really1.2.7-1 |
| disco | not-affected | 1.5.0really1.2.7-1 |
| esm-apps/bionic | not-affected | 1.5.0really1.2.7-1 |
| esm-apps/xenial | not-affected | 1.2.7-1build1 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1.6.0-1ubuntu2 |
| cosmic | not-affected | 1.6.0-1ubuntu2 |
| devel | not-affected | 1.6.0-1ubuntu2 |
| disco | not-affected | 1.6.0-1ubuntu2 |
| esm-apps/bionic | not-affected | 1.6.0-1ubuntu2 |
| esm-apps/xenial | not-affected | 1.6.0-1ubuntu2 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE | |
| precise/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.4.3-1ubuntu1 |
| cosmic | not-affected | 2.4.3-1ubuntu1 |
| devel | not-affected | 2.4.3-1ubuntu1 |
| disco | not-affected | 2.4.3-1ubuntu1 |
| esm-apps/bionic | not-affected | 2.4.3-1ubuntu1 |
| esm-apps/xenial | not-affected | 2.4.3-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| precise | DNE | |
| precise/esm | DNE |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local users to execute arbitrary PHP code with additional privileges by leveraging an application with the umask set to 0 and that executes cache entries as code.
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before ...
Doctrine Security Misconfiguration Vulnerability
EPSS
7.2 High
CVSS2
7.8 High
CVSS3