Количество 2
Количество 2
CVE-2019-15716
WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults.
GHSA-3j2c-999x-65vh
WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-15716 WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults. | CVSS3: 5.5 | 0% Низкий | больше 6 лет назад |
| GHSA-3j2c-999x-65vh WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults. | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу