CVE-2018-21269
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-21269
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-21269.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-21269
- Downstream
- Published
- 2020-10-27T04:15:10Z
- Modified
- 2025-10-15T09:34:58.663045Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.
- References
Affected packages
Git / github.com/openrc/openrc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openrc/openrc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
0.*
0.14
0.15
0.16
0.17
0.18
0.19
0.20
0.21
0.22
0.23
0.24
0.25
0.26
0.27
0.28
0.29
0.30
0.31
0.32
0.33
0.34
0.35
0.36
0.37
0.38
0.39
0.40
0.41
0.42
0.42.1
funtoo-openrc-0.*
funtoo-openrc-0.10
openrc-0.*
openrc-0.1
openrc-0.10
openrc-0.11
openrc-0.12
openrc-0.13
openrc-0.2
openrc-0.2.1
openrc-0.2.2
openrc-0.2.3
openrc-0.2.4
openrc-0.2.5
openrc-0.3.0
openrc-0.4.1
openrc-0.4.2
openrc-0.4.3
openrc-0.5.1
openrc-0.5.2
openrc-0.5.3
openrc-0.6.0
openrc-0.6.1
openrc-0.6.2
openrc-0.6.3
openrc-0.6.4
openrc-0.6.5
openrc-0.6.6
openrc-0.6.7
openrc-0.6.8
openrc-0.7.0
openrc-0.8.0
openrc-0.8.1
openrc-0.8.2
openrc-0.8.3
openrc-0.9.0
openrc-0.9.2
openrc-0.9.3
openrc-0.9.4
openrc-0.9.5
openrc-0.9.6
openrc-0.9.7
openrc-0.9.8
openrc-0.9.8.1
openrc-0.9.9