Lucene search
K

8 matches found

OSV
OSV
added 2026/05/16 12:10 p.m.7 views

CLSA-2026-1778933429 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992

SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE - debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE - debian/patches/CVE-2024-48990.patch: do not set...

7.8CVSS7.3AI score0.19924EPSS
Exploits15References1
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.4 views

Astra Linux – Vulnerability in needrestart

Qualys discovered that needrestart, prior to version 3.8, allowed local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS7.7AI score0.06607EPSS
Exploits2References3
NVD
NVD
added 2024/11/19 6:15 p.m.20 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS0.06607EPSS
Exploits2References6
OSV
OSV
added 2024/11/19 5:38 p.m.23 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS7.6AI score0.06607EPSS
Exploits2References9
CVE
CVE
added 2024/11/19 5:38 p.m.73 views

CVE-2024-48992

CVE-2024-48992 affects needrestart before 3.8. An attacker could trigger arbitrary root commands by supplying an attacker-controlled RUBYLIB and tricking the Ruby interpreter, per the initial description. The TencentOS Server 4 advisory also notes that needrestart passes unsanitized data to Modul...

7.8CVSS7.9AI score0.06607EPSS
Exploits2References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/19 5:38 p.m.37 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS8AI score0.06607EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/11/19 5:38 p.m.29 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS0.06607EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2024/11/19 5:38 p.m.14 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

7.8CVSS8.6AI score0.06607EPSS
Exploits2
Rows per page
Query Builder