CVE-2020-8016

CWE-3673 documents3 sources

Severity

7.0HIGH

EPSS

0.1%

top 73.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensuse Opensuse Leap 15.1 Suse Suse Linux Enterprise Module FOR Desktop Applications 15-sp1 Suse Suse Linux Enterprise Software Development KIT 12-sp4 +2 more

Timeline

PublishedApr 2

Latest updateMay 24

Description

A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE L…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 1.4 | Impact: 3.4

Affected Packages5 packages

▶CVEListV5suse/suse_linux_enterprise_software_development_kit_12-sp4texlive-filesystem — 2013.74-16.5.1

▶CVEListV5suse/suse_linux_enterprise_software_development_kit_12-sp5texlive-filesystem — 2013.74-16.5.1

▶CVEListV5suse/suse_linux_enterprise_module_for_desktop_applications_15-sp1texlive-filesystem — 2017.135-9.5.1

▶NVDopensuse/texlive-filesystem< 2017.135-9.5.1+2

▶CVEListV5opensuse/opensuse_leap_15.1texlive-filesystem — 2017.135-lp151.8.3.1

🔴Vulnerability Details

GHSA

GHSA-gw5h-q2x4-wff3: A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications↗2022-05-24

▶

CVEList

race condition in the packaging of texlive-filesysten↗2020-04-02

▶