CVE-2021-31997
published 2021-06-10CVE-2021-31997: A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2, Factory allows local attackers to escalate from users postorius or postorius-admin to root. This issue affects: openSUSE Leap 15.2 python-postorius version 1.3.2-lp152.1.2 and prior versions. openSUSE Factory python-postorius version 1.3.4-2.1 and prior versions.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | postorius | — | — |
| opensuse | factory | python-postorius – 1.3.4-2.1 | — |
| opensuse | leap_15.2 | python-postorius – 1.3.2-lp152.1.2 | — |
| opensuse | python-postorius | < 1.3.2-lp152.1.2 | 1.3.2-lp152.1.2 |
| opensuse | python-postorius | <= 1.3.4-2.1 | — |