BIT-PEBBLE-2024-3250

It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2,...

CVE-2024-3250

It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2,...

CVE-2024-3250

CVE-2024-3250 affects Canonical’s Pebble service manager. The issue arises from the read-file API used by the pebble pull command, which, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble ran as root. This could enable access to sensitive ...

PT-2021-17779 · Camunda · Camunda Modeler

Name of the Vulnerable Software and Affected Versions: Camunda Modeler versions through 4.6.0 Description: The issue allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile API...