VYPR

Cagefs

by Cloudlinux OS

CVEs (2)

  • CVE-2020-36771HigJan 22, 2024
    risk 0.51cvss 7.8epss 0.00

    CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.

  • CVE-2020-36772MedJan 22, 2024
    risk 0.29cvss 4.4epss 0.00

    CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.