Skip to main content

Groonga Httpd

1 CVEs product

Monthly

CVE-2019-11675 HIGH This Week

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Debian Groonga Httpd
NVD
CVSS 3.0
7.0
EPSS
0.2%
EPSS 0% CVSS 7.0
HIGH This Week

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Information Disclosure Debian +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy