Lucene search
PRIOn knowledge basePRION:CVE-2017-7500HistoryAug 13, 2018 - 5:29 p.m.
Design/Logic Flaw
2018-08-1317:29:00
PRIOn knowledge base
www.prio-n.com
7
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rpm | eq | 4.14.0.0 rc1 | |
| rpm | eq | 4.14.0.0 rc2 | |
| rpm | ge | 4.13.0.0 | |
| rpm | lt | 4.13.0.2 |
Related
cve
cve
nessus
nessus
Photon OS 1.0: Rpm PHSA-2018-1.0-0194
2019-02-07 00:00:00
SUSE SLED15 / SLES15 Security Update : rpm (SUSE-SU-2018:2073-1)
2019-01-02 00:00:00
EulerOS 2.0 SP2 : rpm (EulerOS-SA-2019-2384)
2019-12-10 00:00:00
osv
osv
openvas
openvas
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2019-2658)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2073-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2019-2384)
2020-01-23 00:00:00
suse
suse
Security update for rpm (moderate)
2018-08-06 15:17:09
Security update for rpm (moderate)
2018-10-24 15:11:26
ubuntucve
ubuntucve
cvelist
cvelist
nvd
nvd
redhatcve
redhatcve
debiancve
debiancve
fedora
fedora
[SECURITY] Fedora 26 Update: rpm-4.13.0.2-1.fc26
2017-11-07 22:21:47
[SECURITY] Fedora 25 Update: rpm-4.13.0.2-1.fc25
2017-11-28 17:35:50
mageia
mageia
Updated rpm package fixes security vulnerabilities
2017-10-30 22:23:17
veracode
veracode
Privilege Escalation
2022-08-29 04:37:38
Denial Of Service (DoS)
2022-10-01 00:52:29
prion
prion
Design/Logic Flaw
2022-08-26 16:15:00
Race condition
2022-08-25 20:15:00
alpinelinux
alpinelinux
CVE-2021-35937
2022-08-25 20:15:09
CVE-2021-35939
2022-08-26 16:15:08
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0194
2018-11-07 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0108
2018-11-08 00:00:00
Critical Photon OS Security Update - PHSA-2018-0194
2018-11-07 00:00:00
ibm
ibm
Security Bulletin: App Connect Enterprise Certified Container UBI updates
2024-03-07 14:53:54
Security Bulletin: IBM Observability with Instana (OnPrem) is affected by Multiple Security Vulnerabilities
2024-05-30 11:23:32
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-04-11 18:19:49