Vulnerabilities > Groonga

DATE CVE VULNERABILITY TITLE RISK
2019-05-02 CVE-2019-11675 Race Condition vulnerability in Groonga Groonga-Httpd 6.5.11
The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate.
local
high complexity
groonga CWE-362
7.0