RPM Package Manager 4.18

CPE Details

RPM Package Manager 4.18
4.18
2022-08-30
10h34 +00:00
2022-09-27
13h42 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:rpm:rpm:4.18:*:*:*:*:*:*:*

Informations

Vendor

rpm

Product

rpm

Version

4.18

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-35937 2022-08-24 22h00 +00:00 A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.4
Medium
CVE-2021-35938 2022-08-24 22h00 +00:00 A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.7
Medium