Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2013-4235
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2013-4235
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2013-4235.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2013-4235
Downstream
DEBIAN-CVE-2013-4235
OESA-2023-1828
OESA-2023-1849
OESA-2023-1850
OESA-2023-1851
OESA-2023-1852
SUSE-SU-2024:2603-1
SUSE-SU-2024:2630-1
SUSE-SU-2024:2648-1
SUSE-SU-2024:2657-1
SUSE-SU-2024:2658-1
SUSE-SU-2024:2659-1
SUSE-SU-2024:2804-1
SUSE-SU-2024:2805-1
SUSE-SU-2024:2806-1
SUSE-SU-2024:2807-1
SUSE-SU-2024:2808-1
SUSE-SU-2024:2809-1
SUSE-SU-2025:0292-1
UBUNTU-CVE-2013-4235
USN-5745-1
openSUSE-SU-2024:11749-1
Related
MGASA-2022-0455
SUSE-SU-2024:2603-1
SUSE-SU-2024:2630-1
SUSE-SU-2024:2648-1
SUSE-SU-2024:2657-1
SUSE-SU-2024:2658-1
SUSE-SU-2024:2659-1
SUSE-SU-2024:2804-1
SUSE-SU-2024:2805-1
SUSE-SU-2024:2806-1
SUSE-SU-2024:2807-1
SUSE-SU-2024:2808-1
SUSE-SU-2024:2809-1
SUSE-SU-2025:0292-1
openSUSE-SU-2024:11749-1
Published
2019-12-03T15:15:10Z
Modified
2025-08-09T20:01:27Z
Severity
4.7 (Medium)
CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
CVSS Calculator
Summary
[none]
Details
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
References
https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://security-tracker.debian.org/tracker/CVE-2013-4235
https://security.gentoo.org/glsa/202210-26
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
Affected packages
CVE-2013-4235 - OSV