CVE-2024-22029
published 2024-10-16CVE-2024-22029: Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tomcat10 | — | — |
| debian | tomcat9 | — | — |
| suse | container_suse_manager_5.0_x86_64_server_5.0.0-beta1.2.122 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | opensuse_leap_15.5 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | opensuse_tumbleweed | >= ? < 9.0.85-3.1 | 9.0.85-3.1 |
| suse | suse_enterprise_storage_7.1 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp2-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp3-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp4-espos | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp4-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp5 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_high_performance_computing_15_sp6 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_module_for_web_and_scripting_15_sp5 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_module_for_web_and_scripting_15_sp6 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_15_sp2-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_15_sp3-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_15_sp4-ltss | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_15_sp5 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_15_sp6 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_for_sap_applications_15_sp2 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_for_sap_applications_15_sp3 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_for_sap_applications_15_sp4 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_for_sap_applications_15_sp5 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_linux_enterprise_server_for_sap_applications_15_sp6 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
| suse | suse_manager_server_4.3 | >= ? < 9.0.85-150200.57.1 | 9.0.85-150200.57.1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH