Lucene search
Gentoo FoundationMGASA-2022-0306HistoryAug 26, 2022 - 12:21 a.m.
Updated canna packages fix security vulnerability
2022-08-2600:21:07
Gentoo Foundation
advisories.mageia.org
21
canna packages
security vulnerability
unix socket dir
/tmp
/run
local attackers
bogus directories
cve-2022-21950
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
0
Percentile
5.1%
Move UNIX socket dir from /tmp to /run to avoid local attackers being able to place bogus directories in its stead. (CVE-2022-21950)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | canna | < 3.7p3-25.1 | canna-3.7p3-25.1.mga8 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0306)
2022-08-26 00:00:00
openSUSE: Security Advisory for canna (openSUSE-SU-2022:10091-1)
2024-03-04 00:00:00
cvelist
cvelist
CVE-2022-21950 canna: unsafe handling of /tmp/.iroha_unix directory
2022-09-07 08:40:10
suse
suse
Security update for canna (important)
2022-08-16 00:00:00
Security update for canna (important)
2022-08-16 00:00:00
prion
prion
Improper access control
2022-09-07 09:15:00
cve
cve
CVE-2022-21950
2022-09-07 09:15:08
nessus
nessus
openSUSE 15 Security Update : canna (openSUSE-SU-2022:10091-1)
2022-08-18 00:00:00
nvd
nvd
CVE-2022-21950
2022-09-07 09:15:08
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
0
Percentile
5.1%
Related for MGASA-2022-0306