Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: libarchive (TSSA-2025:0056)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0056 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS6.6AI score0.01936EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/03/21 10:43 a.m.14 views

CVE-2023-30571 vulnerabilities

Vulnerabilities for packages: libarchive...

5.3CVSS7.1AI score0.00192EPSS
Exploits0
Chainguard
Chainguard
added 2025/03/21 10:12 a.m.38 views

CVE-2023-30571 vulnerabilities

Vulnerabilities for packages: libarchive...

5.3CVSS7.1AI score0.00192EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-30571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole...

5.3CVSS5.3AI score0.00192EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.11 views

RHEL 9 : libarchive (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libarchive: Race condition in multi-threaded use of archivewritediskheader on posix based systems CVE-2023-30571 No...

5.3CVSS6.9AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2023/05/30 4:40 a.m.105 views

CVE-2023-30571

A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archivewritediskheader on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can...

5.3CVSS6.7AI score0.00192EPSS
Exploits0References4
CVE
CVE
added 2023/05/29 12:0 a.m.295 views

CVE-2023-30571

CVE-2023-30571 affects libarchive up to version 3.6.2. The umask() change in archive_write_disk_posix.c allows a race condition between threads that can leave the process with a permanent umask of 0, potentially causing implicit directory creation with 0777 permissions (without sticky bit). This ...

5.3CVSS5AI score0.00192EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/05/29 12:0 a.m.32 views

CVE-2023-30571

Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...

5.3CVSS4.5AI score0.00192EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/05/29 12:0 a.m.9 views

CVE-2023-30571

Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...

3.9CVSS6.5AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2023/05/29 12:0 a.m.20 views

CVE-2023-30571

Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...

3.9CVSS6.8AI score0.00192EPSS
Exploits0References4
Rows per page
Query Builder