Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
rpm 后置链接漏洞
Vulnerability Description
rpm是一个强大的命令行驱动的软件包管理工具,用来安装、卸载、校验、查询和更新 Linux 系统上的软件包。 rpm存在安全漏洞,该漏洞源于没有对中间目录执行不安全符号链接检查。攻击者利用该漏洞可能会获取到root权限。
CVSS Information
N/A
Vulnerability Type
N/A