Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-12 | CVE-2021-32555 | Link Following vulnerability in Canonical Ubuntu Linux It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. | 5.5 |
| 2021-06-12 | CVE-2021-32557 | Link Following vulnerability in Canonical Apport It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. | 7.1 |
| 2021-06-09 | CVE-2021-0094 | Link Following vulnerability in Intel Driver & Support Assistant Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow an authenticated user to potentially enable an escalation of privilege via local access. | 7.8 |
| 2021-05-26 | CVE-2020-15076 | Link Following vulnerability in Openvpn Private Tunnel Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp. | 7.8 |
| 2021-05-25 | CVE-2020-9452 | Link Following vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
| 2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
| 2021-05-12 | CVE-2021-23872 | Link Following vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges by manipulating a symbolic link in the IOCTL interface. | 7.8 |
| 2021-05-06 | CVE-2020-28007 | Link Following vulnerability in Exim Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. | 7.8 |
| 2021-04-26 | CVE-2021-27851 | Link Following vulnerability in GNU Guix A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. | 5.5 |
| 2021-04-08 | CVE-2021-30463 | Link Following vulnerability in Vestacp Control Panel VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for which they lack permissions. | 7.8 |