Vulnerabilities > GNU > Coreutils > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-0684 | Out-of-bounds Write vulnerability in GNU Coreutils 9.2/9.3/9.4 A flaw was found in the GNU coreutils "split" program. | 5.5 |
| 2018-01-04 | CVE-2017-18018 | Race Condition vulnerability in GNU Coreutils In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. | 4.7 |
| 2017-09-20 | CVE-2015-1865 | Race Condition vulnerability in GNU Coreutils 8.4 fts.c in coreutils 8.4 allows local users to delete arbitrary files. | 4.7 |
| 2017-02-07 | CVE-2016-2781 | Improper Input Validation vulnerability in GNU Coreutils chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | 6.5 |