Pesignproject Pesign
By the Year
In 2024 there have been 0 vulnerabilities in Pesignproject Pesign . Last year Pesign had 1 security vulnerability published. Right now, Pesign is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 5.50 |
2022 | 1 | 3.30 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Pesign vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pesignproject Pesign Security Vulnerabilities
A flaw was found in pesign
CVE-2022-3560
5.5 - Medium
- February 02, 2023
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.
Directory traversal
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file
CVE-2022-1249
3.3 - Low
- April 29, 2022
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.
NULL Pointer Dereference
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Pesignproject Pesign or by Pesignproject? Click the Watch button to subscribe.