Back to bug 2083902
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Anten Skrabec | 2022-05-11 01:08:23 UTC | CC | agerstmayr, asoldano, bbaranow, bmaxwell, brian.stansberry, cdewolf, chazlett, darran.lofthouse, dkreling, dosoudil, extras-orphan, fjuma, grafana-maint, iweiss, jkurik, jochrist, jwon, kde-sig, krathod, lemenkov, lgao, me, mosmerov, msochure, msvehla, nathans, nwallace, pjindal, pmackay, rstancel, rsvoboda, smaestri, tom.jenkinson | |
| Anten Skrabec | 2022-05-11 01:09:01 UTC | Blocks | 2083903 | |
| Sandipan Roy | 2022-05-11 10:13:49 UTC | Flags | needinfo?(agerstmayr) | |
| Sandipan Roy | 2022-05-11 10:16:07 UTC | Depends On | 2084066 | |
| Patrick Del Bello | 2022-05-11 13:21:10 UTC | Doc Text | A flaw was found in GruntJS prior to 1.5.3 package during file.copy operations. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root. | |
| RaTasha Tillery-Smith | 2022-05-11 15:34:07 UTC | Doc Text | A flaw was found in GruntJS prior to 1.5.3 package during file.copy operations. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root. | A flaw was found in the GruntJS package during file.copy operations. This vulnerability is capable of arbitrary file writes, that can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories. This flaw allows a lower-privileged user to create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root. |
| Andreas Gerstmayr | 2022-05-13 15:46:43 UTC | Flags | needinfo?(agerstmayr) | |
| Red Hat Bugzilla | 2022-10-28 13:12:38 UTC | CC | krathod | |
| Red Hat Bugzilla | 2023-02-03 23:11:27 UTC | CC | ovanders | |
| Red Hat Bugzilla | 2023-07-07 08:31:17 UTC | Assignee | security-response-team | nobody |
Back to bug 2083902