漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Git Credential Manager (GCM)'s Debian package does not set root ownership on installed files
Vulnerability Description
Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system can replace binary and gain other users' privileges. This vulnerability is fixed in 2.5.0.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Git Credential Manager 安全漏洞
Vulnerability Description
Git Credential Manager(GCM)是Git Ecosystem开源的一个安全的 Git 凭据助手。 Git Credential Manager 2.5.0之前版本存在安全漏洞,该漏洞源于Debian软件包不会在已安装的文件上设置root所有权,这使得多用户系统上的用户可以替换二进制文件并获得其他用户的权限。
CVSS Information
N/A
Vulnerability Type
N/A