CVE-2018-1196MEDIUMCVSS 5.9v1.5.0 - 1.5.9ยทv2.0.0.M1 - 2.0.0.M72018-03-19
CVE-2018-1196 [MEDIUM] CWE-59 CVE-2018-1196: Spring Boot supports an embedded launch script that can be used to easily run the application as a s
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "run_user" to overwrite and take ownership of any file on the same system. In order t
cvelistv5nvd