GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
Max CVSS
4.6
EPSS Score
0.04%
Published
2000-10-20
Updated
2016-10-18
1 vulnerabilities found