Arqbackup Arq vulnerabilities
2 known vulnerabilities affecting arqbackup/arq.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-16895P3HIGHCVSS 7.8PoC≥ 5.0.0.65, < 5.102017-12-01
CVE-2017-16895 [HIGH] CWE-732 CVE-2017-16895: The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5) arqs3gl
The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5) arqs3glacierrestorer helper apps in Arq 5.x before 5.10 for Mac allow local users to gain root privileges via a crafted data packet.
nvd
CVE-2017-15357P3HIGHCVSS 7.4PoCfixed in 5.9.72017-12-01
CVE-2017-15357 [HIGH] CWE-59 CVE-2017-15357: The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to ga
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to gain root privileges via a symlink attack on the updater binary itself.
nvd