Possible privilege escalation via bash completion script

🗓️ 01 Mar 2022 21:57:04Reported by GitHub Advisory DatabaseType

Possible privilege escalation via fscrypt bash completio

Reporter	Title	Published	Views	Family All 13
Github Security Blog	Command injection in github.com/google/fscrypt	26 Feb 202200:00	–	github
Prion	Design/Logic Flaw	25 Feb 202211:15	–	prion
OSV	Possible privilege escalation via bash completion script	1 Mar 202221:04	–	osv
OSV	CVE-2022-25328	25 Feb 202211:15	–	osv
OSV	Command injection in github.com/google/fscrypt	26 Feb 202200:00	–	osv
OSV	OPENSUSE-SU-2024:11902-1 fscrypt-0.3.3-1.1 on GA media	15 Jun 202400:00	–	osv
CNVD	Google fscrypt command injection vulnerability	28 Feb 202200:00	–	cnvd
Cvelist	CVE-2022-25328 Privilege escalation through command injection in fscrypt	25 Feb 202211:00	–	cvelist
UbuntuCve	CVE-2022-25328	25 Feb 202200:00	–	ubuntucve
NVD	CVE-2022-25328	25 Feb 202211:15	–	nvd

Vulners

Node

google fscryptRange<0.3.3

Source	Link
github	www.github.com/google/fscrypt/security/advisories/GHSA-w4f8-fxq2-j35v
github	www.github.com/advisories/GHSA-w4f8-fxq2-j35v

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Mar 2022 21:04Current

3.2Low risk

Vulners AI Score3.2

CVSS27.2

CVSS35 - 7.3

EPSS0.00042