You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Tool Description: In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
Due Date: 2022-11-03
A low severity vulnerability has been discovered in your project.
Project Name: twrap-go
Scanner Name: trivy
Cwe ID: 362
Cwe Name: Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
Cwe Link: https://cwe.mitre.org/data/definitions/362.html
CVE ID: CVE-2017-18018
Target: redis:latest (debian 11.5)
Packages:
References:
Tool Description: In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
Custom Description: asdas
Kondukto Link: http://79.kondukto.local/projects/634fe837a5be8478724352c4/vulns/appsec?page=1&perPage=15&id=in:636247699538740807b6fc45
Deeplink: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018
The text was updated successfully, but these errors were encountered: