Fuse Project Fuse vulnerabilities
2 known vulnerabilities affecting fuse_project/fuse.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2018-10906HIGHCVSS 7.8PoCfixed in 2.9.8≥ 3.0, < 3.2.52018-07-24
CVE-2018-10906 [HIGH] CWE-285 CVE-2018-10906: In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, acc
nvd
CVE-2015-3202LOWCVSS 3.6PoC≤ 2.9.22015-07-02
CVE-2015-3202 [LOW] CWE-264 CVE-2015-3202: fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
nvd