Low: pam

Issue Overview: A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with /tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with pamnamespace configured will cause the openat in...

CVE-2018-11776

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true either by user or a plugin like Convention Plugin and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace...