CVE-2019-18899

Summary

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.

Affected Software

VendorProductVersion RangeStatus
openSUSELeap 15.1apt-cacher-ng < 3.1-lp151.3.3.1affected

Weaknesses

  • CWE-269: CWE-269: Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References