Lucene search
+L

25 matches found

OSV
OSV
added 2023/05/30 3:56 a.m.23 views

CVE-2023-32698 nfpm vulnerable to Incorrect Default Permissions

nFPM is an alternative to fpm. The file permissions on the checked-in files were not maintained. Hence, when nfpm packaged the files without extra config for enforcing it’s own permissions files could go out with bad permissions chmod 666 or 777. Anyone using nfpm for creating packages without...

7.1CVSS6.9AI score0.00384EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.6 views

nFPM 安全漏洞

nFPM is a GoReleaser open source simple deb, rpm and apk packaging program written in Go. There is a security vulnerability in nFPM that stems from the fact that anyone using nFPM to create packages without checking/setting file permissions prior to packaging can result in incorrect permissions o...

7.1CVSS7AI score0.00384EPSS
Exploits1References4
OSV
OSV
added 2023/05/24 5:30 p.m.27 views

GHSA-W7JW-Q4FG-QC4C nfpm has incorrect default permissions

Summary When building packages directly from source control, file permissions on the checked-in files are not maintained. Details When building packages directly from source control, file permissions on the checked-in files are not maintained. When nfpm packaged the files without extra config for...

7.1CVSS6.7AI score0.00384EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/05/24 5:30 p.m.48 views

nfpm has incorrect default permissions

Summary When building packages directly from source control, file permissions on the checked-in files are not maintained. Details When building packages directly from source control, file permissions on the checked-in files are not maintained. When nfpm packaged the files without extra config for...

7.1CVSS6.7AI score0.00384EPSS
Exploits1References5Affected Software2
Positive Technologies
Positive Technologies
added 2023/05/24 12:0 a.m.3 views

PT-2023-23971 · Nfpm · Nfpm

Name of the Vulnerable Software and Affected Versions: nfpm affected versions not specified Description: The issue arises when nfpm packages files without maintaining the original file permissions from the source control. This can result in files being packaged with incorrect permissions, such as...

7.1CVSS6.7AI score0.00384EPSS
Exploits1References10
Rows per page
Query Builder