VDB
CVE-2022-41973
CVE-2022-41973
PUBLISHED
EPSS 0.23% · 46.1th percentile
Risk Scores
EPSS Score
0.23%
46.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | device-mapper-multipath |
Exploit Intelligence
- http://packetstormsecurity.com/files/169611/Leeloo-Multipath-Authorization-Bypass-Symlink-Attack.html (nist-nvd)
- http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html (nist-nvd)
- http://seclists.org/fulldisclosure/2022/Dec/4 (nist-nvd)
- http://www.openwall.com/lists/oss-security/2022/10/24/2 (nist-nvd)
- http://www.openwall.com/lists/oss-security/2022/11/30/2 (nist-nvd)
- https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt (nist-nvd)
- 20221030 Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973) (cve.org)
- Ubuntu Server snap-confine must_mkdir_and_open_with_perms() Race Condition Vulnerability (0day-today)
- Ubuntu Server snap-confine must_mkdir_and_open_with_perms() Race Condition Vulnerability (0day-today)
Timeline
- Oct 29, 2022 CVE Published
- Oct 30, 2022 EPSS Score
- Dec 10, 2022 PoC Published
- Dec 12, 2022 EPSS Score
- Jan 25, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 9, 2023 EPSS Score
- Apr 22, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Aug 30, 2023 EPSS Score
- Oct 12, 2023 EPSS Score