Vulnerability Details CVE-2019-18899
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.9%
CVSS Severity
CVSS v3 Score 6.2
CVSS v2 Score 2.1
References
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html
- https://bugzilla.suse.com/show_bug.cgi?id=1157703
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html
- https://bugzilla.suse.com/show_bug.cgi?id=1157703
Products affected by CVE-2019-18899
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:-
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.7.26
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.7.26-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.7.26-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.7.27
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.7.27-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.0
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.0-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.0-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.0-3
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.1-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.2-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.3
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.3-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.4
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.4-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.5
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.5-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.5-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.6
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.6-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.7
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.7-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.8
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.8-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.9
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.8.9-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.0
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.0-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.1-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.2-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3.1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3.1-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3.2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:0.9.3.2-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:1-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:2-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:2-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3-1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3-2
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3-3
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3-4
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3-5
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3.1
-
cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:3.1-1
-
cpe:2.3:o:opensuse:backports:sle-15
-
cpe:2.3:o:opensuse:leap:15.1