Vulnerabilities > Fuse Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-24 | CVE-2018-10906 | Improper Privilege Management vulnerability in multiple products In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. | 7.8 |
2015-07-02 | CVE-2015-3202 | Permissions, Privileges, and Access Controls vulnerability in multiple products fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature. | 3.6 |