Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NGentoo Portage
APPGentoowszystkie wersje
Related vulnerabilities
Brak weryfikacji podpisu PGP w Gentoo Portage emerge-webrsync
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not veri...
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugi...
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory...
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfil...