PT-2017-11953 · Github · Yadm
Publicado
2017-07-17
·
Atualizado
2017-07-25
·
CVE-2017-11353
CVSS v3.1
5.9
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
yadm version 1.10.0
Description
The issue is related to a race condition in the behavior of git commands when setting permissions for new files and directories. This potentially allows access to SSH and PGP keys.
Recommendations
For version 1.10.0, consider updating to a newer version that addresses the race condition issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Yadm