Lucene search
K

523 matches found

Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.9 views

Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...

7.7CVSS5.9AI score0.00184EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.11 views

uutils coreutils has an Unchecked Return Value Issue

The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...

3.3CVSS5.4AI score0.00115EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.10 views

uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS5.3AI score0.00091EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.7 views

uutils coreutils has an Untrusted Search Path

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

7.8CVSS6AI score0.00136EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.13 views

uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...

6.3CVSS5.3AI score0.00104EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.11 views

GHSA-V762-X3CF-5MFG Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...

6.7CVSS5.9AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2026/04/22 6:31 p.m.10 views

GHSA-GGC5-46RG-MR4V Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w6xc-g9qj-vp32. This link is maintained to preserve external references. Original Description The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU...

3.6CVSS5.9AI score0.0018EPSS
Exploits0References5
OSV
OSV
added 2026/04/22 6:31 p.m.6 views

GHSA-79RC-QPW3-JV92 Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references. Original Description The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before...

3.4CVSS5.9AI score0.00142EPSS
Exploits1References5
OSV
OSV
added 2026/04/22 6:31 p.m.5 views

GHSA-67HP-F6HQ-2H6G Duplicate Advisory: uutils coreutils Uses Incorrectly-Resolved Name or Reference

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8vrf-r662-2w2v. This link is maintained to preserve external references. Original Description The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block devic...

4.4CVSS5.9AI score0.00177EPSS
Exploits1References6
OSV
OSV
added 2026/04/22 6:31 p.m.4 views

GHSA-7259-CWHX-3XX3 Duplicate Advisory: uutils coreutils has an Improper Check for Unusual or Exceptional Conditions

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p7h3-7q52-72w8. This link is maintained to preserve external references. Original Description The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte...

4.4CVSS6AI score0.0017EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.9 views

uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...

6.3CVSS5.5AI score0.00091EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.10 views

Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w6xc-g9qj-vp32. This link is maintained to preserve external references. Original Description The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU...

3.6CVSS5.9AI score0.0018EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.4 views

GHSA-GPCG-H6X2-C26P Duplicate Advisory: uutils coreutils has an Improper Input Validation issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.6 views

Duplicate Advisory: uutils coreutils has an Improper Input Validation issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.5 views

GHSA-M26V-HJQ3-X245 Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwm6-q8ch-hcfr. This link is maintained to preserve external references. Original Description A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the ...

6.3CVSS6AI score0.00108EPSS
Exploits0References5
OSV
OSV
added 2026/04/22 6:31 p.m.9 views

GHSA-V24V-F45G-W7JF Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-239g-2685-54x3. This link is maintained to preserve external references. Original Description The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during...

6.3CVSS6AI score0.00118EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.9 views

Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwm6-q8ch-hcfr. This link is maintained to preserve external references. Original Description A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the ...

6.3CVSS6AI score0.00108EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.5 views

Duplicate Advisory: uutils coreutils has a Path Traversal issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89p7-7cq3-hhr2. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect t...

5.6CVSS6.1AI score0.00166EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.3 views

GHSA-VCHC-9GGH-3236 Duplicate Advisory: uutils coreutils has a Path Traversal issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89p7-7cq3-hhr2. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect t...

5.6CVSS6.1AI score0.00166EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/22 6:31 p.m.8 views

EUVD-2026-24977

A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the...

5.3CVSS5.7AI score0.00096EPSS
Exploits1References2
Rows per page
Query Builder