Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2026/05/21 2:28 a.m.25 views

SUSE CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

7.8CVSS5.9AI score0.00214EPSS
Exploits0References11
NVD
NVD
added 2026/05/20 10:16 a.m.26 views

CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS0.00214EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 10:16 a.m.10 views

UBUNTU-CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS5.9AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 8:51 a.m.40 views

CVE-2026-44933 Path Traversal in Plugin Loading in libzypp

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 8:51 a.m.8 views

CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS5.9AI score0.00214EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/05/20 8:51 a.m.7 views

CVE-2026-44933 Path Traversal in Plugin Loading in libzypp

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS5.9AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.12 views

PT-2026-42136

Name of the Vulnerable Software and Affected Versions libzypp versions prior to 17.38.9-1.1 Description The PluginScript function attempts to use chroot to restrict the plugin to the repoManagerRoot. In standard configurations or when the --root option is used, this root is often set to / the...

8.5CVSS5.9AI score0.00214EPSS
Exploits0References47
Rows per page
Query Builder