Filtered by vendor Openr
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18925 | 1 Openr | 1 Opentmpfiles | 2020-10-30 | 2.1 LOW | 5.5 MEDIUM |
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack. | |||||
CVE-2017-18188 | 1 Openr | 1 Opentmpfiles | 2018-03-09 | 2.1 LOW | 5.5 MEDIUM |
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run. |