Multiple untrusted search path vulnerabilities in Portage prior to 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gentoo portage 2.1.3.11 |
||
gentoo portage 2.1.3.10 |
||
gentoo portage |
||
gentoo portage 2.1.1 |
||
gentoo portage 2.0.51.22 |