CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2023-2603 – libcap: Integer Overflow in _libcap_strdup()
https://notcve.org/view.php?id=CVE-2023-2603
06 Jun 2023 — A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications... • https://github.com/Pazhanivelmani/external_libcap-Android10_r33_CVE-2023-2603 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 0CVE-2011-4099 – capsh: does not chdir after chroot
https://notcve.org/view.php?id=CVE-2011-4099
08 Feb 2014 — The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. El programa capsh en libcap anterior a 2.22 no cambia el directorio de trabajo actual cuando la opción --chroot es especificada, lo que permite a usuarios locales evadir las restricciones chroot a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2011-1694.html • CWE-264: Permissions, Privileges, and Access Controls •