CVE-2017-15131

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: xdg-user-dirs versions prior to 0.15.5

Description: A issue was found where the system umask policy is not being honored when creating XDG user directories. This occurs because Xsession sources xdg-user-dirs.sh before setting the umask policy.

Recommendations: For versions prior to 0.15.5, update to version 0.15.5 or later to resolve the issue.

Fix

Improper Access Control

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-276

Related Identifiers

ALT-PU-2019-2846

ALT-PU-2019-2847

CESA-2018_0842

CVE-2017-15131

MGASA-2018-0215

RHSA-2018:0842

RHSA-2018_0842

Affected Products

Alt Linux

Centos

Debian

Red Hat

Xdg-User-Dirs

CVE-2017-15131

Weakness Enumeration

Related Identifiers

Affected Products

References · 14