Количество 3
Количество 3
CVE-2018-10867
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
CVE-2018-10867
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
GHSA-fxc4-ggqh-5wg4
It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-10867 Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. | CVSS3: 6.5 | 0% Низкий | больше 7 лет назад |
 | CVE-2018-10867 Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. | CVSS3: 9.1 | 0% Низкий | больше 4 лет назад |
| GHSA-fxc4-ggqh-5wg4 It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7. | CVSS3: 9.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу