Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google fscrypt vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-25326
fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories wher...
Google Fscrypt
5.5
CVSSv3
CVE-2022-25327
The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users...
Google Fscrypt
7.3
CVSSv3
CVE-2022-25328
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a m...
Google Fscrypt
6.5
CVSSv3
CVE-2018-6558
The pam_fscrypt module in fscrypt prior to 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows malicious users to gain privileges via a successful login through certain applications that use Linux-PAM (aka pa...
Google Fscrypt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started