Findings for Container Security, Low, [TheRedHatter/javagoof:Dockerfile]:Race Condition
Created by: armorcodegithubpreprod[bot]
Findings for Container Security, Low, [TheRedHatter/javagoof:Dockerfile]:Race Condition
Component Details
- Exploit Maturity: no-known-exploit
- Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
NVD Description
Note:
Versions mentioned in the description apply to the upstream coreutils
package.
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
References
- CVE Details
- Debian Security Tracker
- http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
Origin : null Type : null Image Id : null
Snyk Project Status: Active