Security Advisory

CVE-2022-31256

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-26 08:55:09

Last updated 2025-05-09 19:11:55

Assigner suse

State PUBLISHED

Description

A Improper Link Resolution Before File Access (Link Following) vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.

← Browse all CVEs View on cve.org ↗