Vulnerability CVE-2019-18837

Vulnerability CVE-2019-18837

Published: 2019-11-13 Modified: 2019-11-14

Description:

Type:

(Improper Link Resolution Before File Access ('Link Following'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
Fedoraproject -> Fedora
Crun project -> CRUN

https://github.com/containers/crun/pull/173

https://github.com/containers/crun/releases/tag/0.10.5

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTA5SJUAKQUK6HRY2CZVJUIZP5BO3EOG/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITB2UNEGHXZUR3ATYHWPSK5LJB36N7AP/