exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2022-25328

почти 4 года назад

The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above

CVSS3: 5

EPSS: Низкий

CVE-2022-25328

почти 4 года назад

The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above

CVSS3: 5

EPSS: Низкий

CVE-2022-25328

почти 4 года назад

The bash_completion script for fscrypt allows injection of commands vi ...

CVSS3: 5

EPSS: Низкий

GHSA-wxjg-p59j-6c92

почти 4 года назад

Command injection in github.com/google/fscrypt

CVSS3: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-25328 The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above	CVSS3: 5	0% Низкий	почти 4 года назад
CVE-2022-25328 The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above	CVSS3: 5	0% Низкий	почти 4 года назад
CVE-2022-25328 The bash_completion script for fscrypt allows injection of commands vi ...	CVSS3: 5	0% Низкий	почти 4 года назад
GHSA-wxjg-p59j-6c92 Command injection in github.com/google/fscrypt	CVSS3: 5	0% Низкий	почти 4 года назад

Уязвимостей на страницу