Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPP_LOCKFILE_ROOT environment variable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Novell SUSE Zypper zypp-refresh-wrapper 安全漏洞
Vulnerability Description
Novell SUSE Zypper(也称zypp)是美国Novell公司的一个简单易用的命令行包管理器,它使用了一个软件包管理库libzypp,能够操作软件安装源,搜索软件包,安装、删除或更新软件包等。 SUSE Zypper 1.2.8及之前的版本和1.6.166之前的1.6.x版本中的zypp-refresh-wrapper程序中存在安全漏洞。本地攻击者可借助ZYPP_LOCKFILE_ROOT环境变量中的路径名利用该漏洞在任意目录创建文件或产生其他影响。
CVSS Information
N/A
Vulnerability Type
N/A