Page 3 of 11 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. • https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 •