CVE-2022-41950
6.4
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
super-xray is the GUI alternative for vulnerability scanning tool xray. In 0.2-beta, a privilege escalation vulnerability was discovered. This caused inaccurate default xray permissions. Note: this vulnerability only affects Linux and Mac OS systems. Users should upgrade to super-xray 0.3-beta.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| 4ra1n | super-xray | < 0.3-beta | affected |
Weaknesses
- CWE-250: CWE-250: Execution with Unnecessary Privileges
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/4ra1n/super-xray/security/advisories/GHSA-2g28-xrw6-fq5f
- https://github.com/4ra1n/super-xray/releases/tag/0.3-beta
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://github.com/4ra1n/super-xray/security/advisories/GHSA-2g28-xrw6-fq5f
- https://github.com/4ra1n/super-xray/releases/tag/0.3-beta
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.