Lucene search
K

4 matches found

Snyk
Snyk
added 2024/08/24 7:21 p.m.2 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. The default file permissions were set to world-writable. By modifying these accessible files, an attacker can execute arbitrary code. This is only exploitable if local user access is allowed on the system...

7.8CVSS7.2AI score0.00194EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/08/23 6:54 p.m.15 views

request_store has Incorrect Default Permissions

Impact The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...

7.8CVSS7.3AI score0.00194EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/08/23 6:54 p.m.16 views

GHSA-FRP2-5QFC-7R8M request_store has Incorrect Default Permissions

Impact The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...

8.5CVSS7.6AI score0.00194EPSS
Exploits0References4
RubySec
RubySec
added 2024/08/23 12:0 a.m.22 views

request_store has Incorrect Default Permissions

Impact The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...

7.8CVSS7.6AI score0.00194EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder