VYPR

rpm package

suse/storeBackup&distro=SUSE Package Hub 15 SP1

pkg:rpm/suse/storeBackup&distro=SUSE%20Package%20Hub%2015%20SP1

Vulnerabilities (1)

  • CVE-2020-7040Jan 21, 2020
    affected < 3.5-bp151.4.3.1fixed 3.5-bp151.4.3.1

    storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manual