Deepin

Deepin-clone

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2019-13226

  • EPSS 0.05%
  • Published 04.07.2019 12:15:10
  • Last modified 21.11.2024 04:24:29

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to ...

6.6

CVE-2019-13227

  • EPSS 0.08%
  • Published 04.07.2019 12:15:10
  • Last modified 21.11.2024 04:24:29

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system loca...

6.6

CVE-2019-13228

  • EPSS 0.1%
  • Published 04.07.2019 12:15:10
  • Last modified 21.11.2024 04:24:29

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file sy...