|
Vulnerabilities
< Back

CVE-2021-3800

Updated on 23 Aug 2022

Severity

5.5 Medium severity

Details

CVSS score
5.5
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE ID
Links
NISTCIRCLRHELUbuntu

Overview

About vulnerability

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Details

Affected product:
CentOS 6 ELS , CentOS 7 ELS , CentOS 8.4 ELS , CentOS 8.5 ELS , CloudLinux 6 ELS , Debian 10 ELS , Oracle Linux 6 ELS , Ubuntu 16.04 ELS , Ubuntu 18.04 ELS
Affected packages:
glib2 @ 2.56.4-156 (+8 more)
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Fixes