Vulnerabilities (CVE)

Filtered by vendor Cloudlinux Subscribe
Filtered by product Cagefs
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-36772 1 Cloudlinux 1 Cagefs 2024-11-21 N/A 4.4 MEDIUM
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.
CVE-2020-36771 1 Cloudlinux 1 Cagefs 2024-11-21 N/A 7.8 HIGH
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.