VYPR

Libcap

by Libcap Project

Source repositories

CVEs (5)

  • CVE-2025-1390MedFeb 18, 2025
    risk 0.40cvss 6.1epss 0.00

    The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability…

  • CVE-2026-4878MedApr 9, 2026
    risk 0.37cvss 6.7epss 0.00

    A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an…

  • CVE-2023-2602Jun 6, 2023
    risk 0.00cvss epss 0.00

    A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.

  • CVE-2023-2603Jun 6, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

  • CVE-2011-4099Feb 8, 2014
    risk 0.00cvss epss 0.00

    The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors.