CVE-2021-3800
CVE-2021-3800
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
23 ago 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
Productos afectados
n/a · GlibReferencias
https://access.redhat.com/security/cve/CVE-2021-3800https://bugzilla.redhat.com/show_bug.cgi?id=1938284https://gitlab.gnome.org/GNOME/glib/-/commit/3529bb4450a51995https://lists.debian.org/debian-lts-announce/2022/09/msg00020.htmlhttps://security.netapp.com/advisory/ntap-20221028-0004/https://www.openwall.com/lists/oss-security/2017/06/23/8