Openr: >> Opentmpfiles >> 0.1.1 Security Vulnerabilities
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2020-10-26
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-02-14