| Max CVSS | 6.9 | Min CVSS | 6.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-13226 | 6.9 |
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to
|
18-04-2022 - 16:56 | 04-07-2019 - 12:15 | |
| CVE-2019-13229 | 6.6 |
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite file
|
14-08-2019 - 11:25 | 04-07-2019 - 12:15 | |
| CVE-2019-13228 | 6.6 |
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file sy
|
28-07-2019 - 03:15 | 04-07-2019 - 12:15 | |
| CVE-2019-13227 | 6.6 |
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system loca
|
28-07-2019 - 03:15 | 04-07-2019 - 12:15 |