Apache » Apache Commons Daemon : Security Vulnerabilities, CVEs, CVSS score >= 4
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.
Max CVSS
5.0
EPSS Score
0.20%
Published
2011-08-15
Updated
2023-02-13
1 vulnerabilities found