Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2022-3560
HistoryFeb 02, 2023 - 12:00 a.m.

CVE-2022-3560

2023-02-0200:00:00
CWE-22
redhat
raw.githubusercontent.com
2

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.9%

JSON

A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the ‘pesign’ group. However, the script doesn’t check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.

Related

nessus 23
openvas 4
rocky 2
redhat 8
redhatcve 1
almalinux 2
debiancve 1
fedora 2
oraclelinux 3
ubuntucve 1
osv 4
cve 1
rosalinux 2
centos 1
prion 1
cbl_mariner 1
redos 1
nessus
nessus
Oracle Linux 8 : pesign (ELSA-2023-1572)
2023-04-04 00:00:00
Oracle Linux 7 : pesign (ELSA-2023-1093)
2023-03-07 00:00:00
CentOS 7 : pesign (RHSA-2023:1093)
2023-03-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0484-1)
2023-03-28 00:00:00
Fedora: Security Advisory for pesign (FEDORA-2023-5399953e3b)
2023-02-10 00:00:00
Fedora: Security Advisory for pesign (FEDORA-2023-e77628f240)
2023-02-10 00:00:00
rocky
rocky
pesign security update
2023-03-08 16:38:25
pesign security update
2023-04-06 15:52:43
redhat
redhat
(RHSA-2023:1829) Important: pesign security update
2023-04-18 16:09:13
(RHSA-2023:1093) Important: pesign security update
2023-03-07 08:56:14
(RHSA-2023:1066) Important: pesign security update
2023-03-06 10:10:00
redhatcve
redhatcve
CVE-2022-3560
2023-01-31 16:06:02
almalinux
almalinux
Important: pesign security update
2023-03-06 00:00:00
Important: pesign security update
2023-04-04 00:00:00
debiancve
debiancve
CVE-2022-3560
2023-02-02 21:22:38
fedora
fedora
[SECURITY] Fedora 37 Update: pesign-116-1.fc37
2023-02-09 09:14:06
[SECURITY] Fedora 36 Update: pesign-115-4.fc36
2023-02-09 09:26:28
oraclelinux
oraclelinux
pesign security update
2023-03-06 00:00:00
pesign security update
2023-03-08 00:00:00
pesign security update
2023-04-04 00:00:00
ubuntucve
ubuntucve
CVE-2022-3560
2023-02-02 00:00:00
osv
osv
Important: pesign security update
2023-04-04 00:00:00
Important: pesign security update
2023-03-06 00:00:00
Important: pesign security update
2023-04-06 15:52:43
cve
cve
CVE-2022-3560
2023-02-02 21:22:38
rosalinux
rosalinux
Advisory ROSA-SA-2023-2225
2023-08-29 12:20:36
Advisory ROSA-SA-2023-2132
2023-03-14 14:19:09
centos
centos
pesign security update
2023-03-08 16:30:33
prion
prion
Path traversal
2023-02-02 21:22:00
cbl_mariner
cbl_mariner
CVE-2022-3560 affecting package pesign 0.112-32
2024-06-02 09:07:46
redos
redos
ROS-20240426-01
2024-04-26 00:00:00

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.9%

JSON
Related for CVELIST:CVE-2022-3560
nessus23openvas4rocky2redhat8redhatcve1almalinux2debiancve1fedora2oraclelinux3ubuntucve1osv4cve1rosalinux2centos1prion1cbl_mariner1redos1