2 matches found
CVE-2020-27730
In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities...
CVE-2020-27730
CVE-2020-27730 affects the NGINX Controller Agent : versions 1.0.1, 2.0.0–2.9.0, and 3.0.0–3.9.0 do not use absolute paths when invoking system utilities, enabling a local attacker to escalate privileges to root and execute arbitrary code. Public disclosures from Red Hat and F5 corroborate the vu...