VDB
CVE-2023-1521
CVE-2023-1521
PUBLISHED
CVSS 7.800000190734863 HIGH
sccache vulnerable to privilege escalation if server is run as root
EPSS 0.32% · 55.6th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.32%
55.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | sccache | 0 |
| mozilla | sccache | 0 |
| mozilla | sccache | 0 |
| crates.io | sccache | 0 |
Exploit Intelligence
- rubbxalc/CVE-2023-1521 (github-poc)
- rubbxalc/CVE-2023-1521 (github-poc)
- rubbxalc/CVE-2023-1521 (github-poc)
- rubbxalc/CVE-2023-1521 (github-poc)
- rubbxalc/CVE-2023-1521 (github-poc)
- https://github.com/advisories/GHSA-x7fr-pg8f-93f5 (circl)
- https://securitylab.github.com/advisories/GHSL-2023-046_ScCache (nist-nvd)
Timeline
- May 30, 2023 CVE Published
- Nov 26, 2024 CVE Updated
- Nov 27, 2024 EPSS Score
- Dec 15, 2024 EPSS Score
- Jan 1, 2025 EPSS Score
- Jan 19, 2025 EPSS Score
- Feb 5, 2025 EPSS Score
- Mar 11, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
References
- https://securitylab.github.com/advisories/GHSL-2023-046_ScCache third-party-advisory
- https://github.com/advisories/GHSA-x7fr-pg8f-93f5 vendor-advisory
- https://github.com/mozilla/sccache/security/advisories/GHSA-x7fr-pg8f-93f5 url
- https://nvd.nist.gov/vuln/detail/CVE-2023-1521 advisory
- https://github.com/mozilla/sccache package
- https://github.com/mozilla/sccache/releases/tag/v0.4.0 url