Vulnerabilities > Gentoo > Portage > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-21 CVE-2019-20384 Race Condition vulnerability in Gentoo Portage
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
local
low complexity
gentoo CWE-362
5.5
2004-12-31 CVE-2004-1901 Link Following vulnerability in Gentoo Linux and Portage
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
local
low complexity
gentoo CWE-59
5.5