CVE-2017-18925

Severity CVSS v4.0:
Pending analysis
Type:
CWE-59 Link Following
Publication date:
26/10/2020
Last modified:
30/10/2020

Description

opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:openr:opentmpfiles:*:*:*:*:*:*:*:* 0.3.1 (including)


References to Advisories, Solutions, and Tools