3 matches found
CVE-2022-25328
CVE-2022-25328 concerns the bash_completion script in Google fscrypt. A local attacker who can influence mountpoint paths can inject commands through crafted mountpoint names when the script performs completion. This could lea...
CVE-2022-25327
CVE-2022-25327 affects the PAM module for fscrypt, where inadequate validation of fscrypt metadata files lets a local user craft malicious metadata to cause a denial of service, preventing other users from logging in. The documented remediation is to upgrade to version 0.3.3 or above. The connect...
CVE-2018-6558
CVE-2018-6558 affects the pam_fscrypt module of fscrypt: versions prior to 0.2.4 may incorrectly restore primary and supplementary group IDs to the values of the root user. This flaw can allow an unprivileged attacker to gain privileges through login flows used by applicat...