Total vulnerabilities in the database
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
| Software | From | Fixed in |
|---|---|---|
| libosinfo / libosinfo | 1.5.0 | 1.5.0.x |
| fedoraproject / fedora | 29 | 29.x |
| fedoraproject / fedora | 30 | 30.x |
| redhat / enterprise_linux | 8.0 | 8.0.x |
| redhat / enterprise_linux_eus | 8.1 | 8.1.x |
| redhat / enterprise_linux_eus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_tus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_aus | 8.2 | 8.2.x |
| redhat / enterprise_linux_server_tus | 8.4 | 8.4.x |
| redhat / enterprise_linux_eus | 8.4 | 8.4.x |
| redhat / enterprise_linux_server_aus | 8.4 | 8.4.x |
| redhat / enterprise_linux_server_aus | 8.6 | 8.6.x |
| redhat / enterprise_linux_server_tus | 8.6 | 8.6.x |
| redhat / enterprise_linux_eus | 8.6 | 8.6.x |