Page 64 of 1536 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 3

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. AIDE versiones anteriores a 0.17.4, permite a usuarios locales obtener privilegios de root por medio de metadatos de archivo diseñados (como atributos extendidos de XFS o ACLs de tmpfs), debido a un desbordamiento de búfer en la región heap de la memoria A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (<16k) extended file attributes or ACL. • http://www.openwall.com/lists/oss-security/2022/01/20/3 https://lists.debian.org/debian-lts-announce/2022/01/msg00024.html https://security.gentoo.org/glsa/202311-07 https://www.debian.org/security/2022/dsa-5051 https://www.ipi.fi/pipermail/aide/2022-January/001713.html https://www.openwall.com/lists/oss-security/2022/01/20/3 https://access.redhat.com/security/cve/CVE-2021-45417 https://bugzilla.redhat.com/show_bug.cgi?id=2041489 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. Se ha encontrado un fallo en systemd. Una recursión no controlada en systemd-tmpfiles puede conllevar a una denegación de servicio en el momento del arranque cuando son creados demasiados directorios anidados en /tmp. • https://access.redhat.com/security/cve/CVE-2021-3997 https://bugzilla.redhat.com/show_bug.cgi?id=2024639 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1 https://security.gentoo.org/glsa/202305-15 https://www.openwall.com/lists/oss-security/2022/01/10/2 • CWE-674: Uncontrolled Recursion •

CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0

Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. • https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXKBERLJRYV7KXKGXOLI6IOXVBQNN4DP https://security.gentoo.org/glsa/202312-12 https://www.debian • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the "xa.metadata" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. • https://github.com/flatpak/flatpak/commit/54ec1a482dfc668127eaae57f135e6a8e0bc52da https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042 https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451 https://github.com/flatpak/flatpak/commit/ba818f504c926baaf6e362be8159cfacf994310e https://github.com/flatpak/flatpak/commit/d9a8f9d8ccc0b7c1135d0ecde006a75d25f66aee https://github.com/flatpak/flatpak/releases/tag/1.10.6 https://github.com/flatpak/flatpak/releases/tag/1.12.3 https://github.com/flatpak/ • CWE-269: Improper Privilege Management CWE-276: Incorrect Default Permissions •

CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. Date.parse en date gem versiones hasta 3.2.0 para Ruby, permite ReDoS (expresión regular de denegación de servicio) por medio de una cadena larga. Las versiones corregidas son 3.2.1, 3.1.2, 3.0.2 y 2.0.1. A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service (ReDoS) during the parsing of dates. • https://hackerone.com/reports/1254844 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF https://security.gentoo.org/glsa/202401-27 https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817 https://access.redhat.com/security/cve/CVE-2021-41817 https://bugzilla.redhat.com/show_bug. • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •