Groonga Httpd
1 CVEs
product
Monthly
The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. Rated high severity (CVSS 7.0). No vendor patch available.
Race Condition
Information Disclosure
Debian
Groonga Httpd
NVD
CVSS 3.0
7.0
EPSS
0.2%
EPSS 0%
CVSS 7.0
HIGH
This Week
The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. Rated high severity (CVSS 7.0). No vendor patch available.
Race Condition
Information Disclosure
Debian
+1
NVD