| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12449 | 3.5 |
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges
|
24-08-2020 - 17:37 | 29-05-2019 - 17:29 | |
| CVE-2019-12447 | 4.9 |
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
|
24-08-2020 - 17:37 | 29-05-2019 - 17:29 | |
| CVE-2019-12795 | 4.6 |
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue
|
24-08-2020 - 17:37 | 11-06-2019 - 22:29 | |
| CVE-2019-12448 | 6.8 |
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
|
08-07-2019 - 00:15 | 29-05-2019 - 17:29 |