Lucene search
K

5 matches found

OSV
OSV
added 2026/04/28 12:31 a.m.3 views

GHSA-5368-6H4H-GR29 Spring Boot's PID file write follows symlinks at predictable default path

When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...

4.7CVSS5.8AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2026/04/28 12:16 a.m.6 views

CVE-2026-40977

When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...

6.7CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 11:36 p.m.31 views

CVE-2026-40977

When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...

4.7CVSS0.00112EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/04/23 12:0 a.m.8 views

PID file write follows symlinks at predictable default path

When an application is configured to use ApplicationPidFileWriter , a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started...

4.7CVSS5.9AI score0.00112EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/07/20 12:0 a.m.35 views

Fedora 17 : openstack-nova-2012.1.1-3.fc17 (2012-10420)

Update to latest essex stable branch - Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection CVE-2012-3360, CVE-2012-3361 - Support injecting new .ssh/authorizedkeys files to SELinux enabled guests Note that Tenable Network Security has extracted the...

5.5CVSS5.4AI score0.02997EPSS
Exploits2References3
Rows per page
Query Builder