Vulnerabilities > Fuse Project

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-10906 Improper Privilege Management vulnerability in multiple products
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active.
local
low complexity
debian fuse-project redhat CWE-269
7.8
2015-07-02 CVE-2015-3202 Permissions, Privileges, and Access Controls vulnerability in multiple products
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
local
low complexity
debian fuse-project CWE-264
3.6