Vulnerabilities > Deepin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-27 | CVE-2023-50255 | Path Traversal: '/dir/../filename' vulnerability in Deepin Deepin-Compressor Deepin-Compressor is the default archive manager of Deepin Linux OS. | 7.8 |
| 2023-12-22 | CVE-2023-50254 | Path Traversal vulnerability in Deepin Reader Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. | 7.8 |
| 2019-07-04 | CVE-2019-13229 | Link Following vulnerability in Deepin Clone deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. | 5.5 |
| 2019-07-04 | CVE-2019-13228 | Link Following vulnerability in Deepin Deepin-Clone deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. | 4.7 |
| 2019-07-04 | CVE-2019-13227 | Link Following vulnerability in Deepin Deepin-Clone In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. | 5.5 |
| 2019-07-04 | CVE-2019-13226 | Link Following vulnerability in multiple products deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. | 7.0 |
| 2017-04-10 | CVE-2017-7622 | Missing Authorization vulnerability in Deepin Desktop Environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. | 8.8 |