Unrated severityNVD Advisory· Published Jan 23, 2020· Updated Sep 17, 2024
apt-cacher-ng insecure use of /run/apt-cacher-ng
CVE-2019-18899
Description
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <3.1-lp151.3.3.1
- osv-coords2 versionspkg:rpm/opensuse/apt-cacher-ng&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/apt-cacher-ng&distro=SUSE%20Package%20Hub%2015%20SP1
< 3.1-lp151.3.3.1+ 1 more
- (no CPE)range: < 3.1-lp151.3.3.1
- (no CPE)range: < 3.1-bp151.4.3.1
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.htmlmitrevendor-advisory
- lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.htmlmitrevendor-advisory
- bugzilla.suse.com/show_bug.cgimitre
News mentions
0No linked articles in our index yet.