CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
19.8%
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | ruby-sqlite3 | < 1.4.2-4 | ruby-sqlite3_1.4.2-4_all.deb |
Debian | 11 | all | ruby-sqlite3 | < 1.4.2-3 | ruby-sqlite3_1.4.2-3_all.deb |
Debian | 999 | all | ruby-sqlite3 | < 1.6.9-2 | ruby-sqlite3_1.6.9-2_all.deb |
Debian | 13 | all | ruby-sqlite3 | < 1.6.9-1 | ruby-sqlite3_1.6.9-1_all.deb |