Skip to main content

Deepin Clone

4 CVEs product

Monthly

CVE-2019-13229 MEDIUM PATCH This Month

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Deepin Clone
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-13228 MEDIUM PATCH This Month

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. Rated medium severity (CVSS 4.7).

Privilege Escalation Deepin Clone
NVD GitHub
CVSS 3.0
4.7
EPSS
0.4%
CVE-2019-13227 MEDIUM PATCH This Month

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Deepin Clone
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-13226 HIGH PATCH This Week

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. Rated high severity (CVSS 7.0).

Information Disclosure Deepin Clone Fedora
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Deepin Clone
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. Rated medium severity (CVSS 4.7).

Privilege Escalation Deepin Clone
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Deepin Clone
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. Rated high severity (CVSS 7.0).

Information Disclosure Deepin Clone Fedora
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy