2 matches found
CVE-2019-3691
CVE-2019-3691 is a local privilege escalation in the munge packaging for SUSE Linux Enterprise Server 15 and openSUSE Factory, caused by a Symbolic Link (Symlink) Following issue. Affected Munge versions are prior to 0.5.13-4.3.1 on SLES 15 and prior to 0.5.13-6.1 on openSUSE Factory. The vulnera...
CVE-2026-25506
CVE-2026-25506 affects MUNGE: from version 0.5 up to 0.5.17, a local attacker can trigger a buffer overflow in munged to leak cryptographic key material from process memory, enabling forging of arbitrary MUNGE credentials and impersonation of users (including root) on services relying on MUNGE fo...