Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-25 | CVE-2015-3149 | Link Following vulnerability in Redhat products The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack. | 5.5 |
| 2017-06-26 | CVE-2015-3315 | Link Following vulnerability in Redhat Automatic BUG Reporting Tool Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm. | 7.8 |
| 2017-06-09 | CVE-2017-9525 | Link Following vulnerability in multiple products In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs. | 6.7 |
| 2017-06-08 | CVE-2016-3108 | Link Following vulnerability in Pulpproject Pulp The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack. | 7.1 |
| 2017-06-08 | CVE-2017-8108 | Link Following vulnerability in Cisofy Lynis Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. | 7.8 |
| 2017-06-07 | CVE-2015-6240 | Link Following vulnerability in Redhat Ansible The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. | 7.8 |
| 2017-06-07 | CVE-2015-8326 | Link Following vulnerability in Iptables-Parse Project Iptables-Parse Module The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user. | 5.5 |
| 2017-06-07 | CVE-2015-7724 | Link Following vulnerability in AMD Fglrx-Driver 14.4.2/15.7 AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. | 7.8 |
| 2017-06-07 | CVE-2015-7723 | Link Following vulnerability in AMD Fglrx-Driver 14.4.2 AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | 7.8 |
| 2017-05-22 | CVE-2017-6981 | Link Following vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.8 |