CVE-2020-28407

Опубликовано: 03 нояб. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.1

Описание

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

Релиз	Статус	Примечание
devel	not-affected	0.6.3-0ubuntu3
jammy	not-affected	0.6.3-0ubuntu3
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2020-28407

EPSS

Процентиль: 2%

0.00015

Низкий

7.1 High

CVSS3

Связанные уязвимости

CVE-2020-28407

CVSS3: 7.3

redhat

около 5 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.1

nvd

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE-2020-28407

CVSS3: 7.1

debian

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be ...

GHSA-52x8-2f4w-q8mm

CVSS3: 7.1

github

больше 2 лет назад

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

EPSS

Процентиль: 2%

0.00015

Низкий

7.1 High

CVSS3

CVE-2020-28407

Описание

Пакет swtpm

Ссылки на источники

Связанные уязвимости