CVE-2023-32190

Опубликовано: 16 окт. 2024

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.8

Описание

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
focal	not-affected	code not present
jammy	DNE
noble	DNE
oracular	DNE
trusty/esm	not-affected	code not present

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2023-32190

EPSS

Процентиль: 28%

0.00102

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2023-32190

CVSS3: 7.8

redhat

больше 1 года назад

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.

CVE-2023-32190

CVSS3: 7.8

nvd

больше 1 года назад

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.

CVE-2023-32190

CVSS3: 7.8

debian

больше 1 года назад

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary f ...

GHSA-f97f-26jc-gffx

CVSS3: 7.8

github

больше 1 года назад

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.

EPSS

Процентиль: 28%

0.00102

Низкий

7.8 High

CVSS3

CVE-2023-32190

Описание

Пакет mlocate

Ссылки на источники

Связанные уязвимости