Published: 23/01/2020 Updated: 08/11/2022

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local malicious users to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions before 3.1-lp151.3.3.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apt-cacher-ng_project apt-cacher-ng
opensuse backports sle-15

oss-sec mailing list archives   By Date By Thread </form>    CVE-2019-18899: apt-cacher-ng: openSUSE packaging for apt-cacher-ng runs the daemon as root instead of as an unprivileged user ...

CWE-269 https://bugzilla.suse.com/show_bug.cgi?id=1157703 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html https://nvd.nist.gov http://seclists.org/oss-sec/2020/q1/22

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-18899

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect