Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yz54-qw15-9ubb

Summary The fseventsd daemon serves to watch and handle notifications passed via the FSEvents API in Apple's Mac OS. The daemon is responsible for insecurely creating several files when disks are mounted inside the mountpoint’s .fseventsd directory.

Aliases

alias	CVE-2022-32819

alias	MNDT-2022-0033

Fixed_packages

Affected_packages

References

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32819

reference_url	https://support.apple.com/en-us/HT213345
reference_id
reference_type
scores
url	https://support.apple.com/en-us/HT213345

Weaknesses

cwe_id	61
name	UNIX Symbolic Link (Symlink) Following
description	The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yz54-qw15-9ubb

Vulnerability Instance