CVSS: 6.3EPSS: 0%CPEs: 11EXPL: 0CVE-2020-8017 – race condition on texlive-filesystem cron job allows for the deletion of unintended files
https://notcve.org/view.php?id=CVE-2020-8017
02 Apr 2020 — A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users in group mktex to delete arbitrary files on the system This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Li... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00021.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 1CVE-2020-8016 – race condition in the packaging of texlive-filesysten
https://notcve.org/view.php?id=CVE-2020-8016
02 Apr 2020 — A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterpr... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00021.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •