CVE-2019-3694
published 2020-01-24CVE-2019-3694: A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opensuse | factory | munin – 2.0.49-4.2 | — |
| opensuse | leap_15.1 | munin – 2.0.40-lp151.1.1 | — |
| opensuse | munin | <= 2.0.49-4.2 | — |
| suse | munin | <= 2.0.40-lp151.1.1 | — |