Vulnerabilities > Gentoo > Portage > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2019-20384 | Improper Preservation of Permissions vulnerability in Gentoo Portage Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners. | 2.1 |
| 2017-06-27 | CVE-2004-2778 | Permissions, Privileges, and Access Controls vulnerability in Gentoo Portage Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands. | 3.6 |
| 2007-12-15 | CVE-2007-6249 | Information Exposure vulnerability in Gentoo Portage 2.0.51.22/2.1.1/2.1.3.10 etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file. | 2.1 |