Vulnerability in Gentoo Portage

CVE-2004-2778

Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected dire…

EPSS: 0.003 (24.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2004-2778?
CVE-2004-2778 is a high-severity vulnerability in Gentoo Portage, classified under CWE-264. CVSS score: 7.1/10. Published 2017-06-27.
How severe is CVE-2004-2778?
High severity. CVSS v3 base score is 7.1 out of 10.