CVE-2019-12449

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-12449

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12449.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-12449

Related

Published

2019-05-29T17:29:00Z

Modified

2024-11-02T00:54:42.652812Z

Severity

5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with GFILECOPYALLMETADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.

References

Affected packages

Alpine:v3.7 / gvfs

Package

Name: gvfs
Purl: pkg:apk/alpine/gvfs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.34.1-r1

Affected versions

1.*

1.6.6-r0

1.6.6-r1

1.6.6-r2

1.6.6-r3

1.7.2-r0

1.7.2-r1

1.8.1-r0

1.8.2-r0

1.8.2-r1

1.9.0-r0

1.9.0-r1

1.9.1-r0

1.9.1-r1

1.9.1-r2

1.9.1-r4

1.9.2-r0

1.12.3-r0

1.14.0-r0

1.14.0-r1

1.14.2-r0

1.16.0-r0

1.16.1-r0

1.16.2-r0

1.16.3-r0

1.18.2-r0

1.18.3-r0

1.18.3-r1

1.20.0-r0

1.20.1-r0

1.20.2-r0

1.22.1-r0

1.22.1-r1

1.22.2-r0

1.22.2-r1

1.22.2-r2

1.22.3-r0

1.24.1-r0

1.24.1-r1

1.24.2-r0

1.26.2-r0

1.26.3-r0

1.28.1-r0

1.28.2-r0

1.28.3-r0

1.30.0-r0

1.30.1-r0

1.30.3-r0

1.32.1-r0

1.33.3-r0

1.33.92-r0

1.34.1-r0

Alpine:v3.8 / gvfs

Package

Name: gvfs
Purl: pkg:apk/alpine/gvfs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.36.1-r1

Affected versions

1.*

1.6.6-r0

1.6.6-r1

1.6.6-r2

1.6.6-r3

1.7.2-r0

1.7.2-r1

1.8.1-r0

1.8.2-r0

1.8.2-r1

1.9.0-r0

1.9.0-r1

1.9.1-r0

1.9.1-r1

1.9.1-r2

1.9.1-r4

1.9.2-r0

1.12.3-r0

1.14.0-r0

1.14.0-r1

1.14.2-r0

1.16.0-r0

1.16.1-r0

1.16.2-r0

1.16.3-r0

1.18.2-r0

1.18.3-r0

1.18.3-r1

1.20.0-r0

1.20.1-r0

1.20.2-r0

1.22.1-r0

1.22.1-r1

1.22.2-r0

1.22.2-r1

1.22.2-r2

1.22.3-r0

1.24.1-r0

1.24.1-r1

1.24.2-r0

1.26.2-r0

1.26.3-r0

1.28.1-r0

1.28.2-r0

1.28.3-r0

1.30.0-r0

1.30.1-r0

1.30.3-r0

1.32.1-r0

1.33.3-r0

1.33.92-r0

1.34.1-r0

1.34.1-r1

1.36.1-r0

Debian:11 / gvfs

Package

Name: gvfs
Purl: pkg:deb/debian/gvfs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.38.1-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / gvfs

Package

Name: gvfs
Purl: pkg:deb/debian/gvfs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.38.1-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / gvfs

Package

Name: gvfs
Purl: pkg:deb/debian/gvfs?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.38.1-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/gnome/gvfs

Affected ranges

Type: GIT
Repo: https://github.com/gnome/gvfs
Events: Introduced

8baec79ab9cb2cb86095b071f3a40f7f6a751ef6

Last affected

769d0b47a88eff3ca14d34346491b2961e17ecd5

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/gvfs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

409619412e11be146a31b9a99ed965925f1aabb8

Affected versions

1.*

1.10.0

1.11.0

1.11.1

1.11.2

1.11.3

1.11.4

1.11.5

1.12.0

1.12.1

1.13.0

1.13.1

1.13.2

1.13.3

1.13.4

1.13.5

1.13.6

1.13.7

1.13.8

1.13.9

1.14.0

1.15.0

1.15.1

1.15.2

1.15.3

1.15.4

1.16.0

1.17.0

1.17.1

1.17.2

1.17.3

1.17.90

1.18.0

1.18.1

1.18.2

1.19.1

1.19.2

1.19.3

1.19.4

1.19.5

1.19.90

1.20.0

1.21.1

1.21.2

1.21.3

1.21.4

1.21.90

1.21.92

1.22.0

1.23.1

1.23.2

1.23.3

1.23.4

1.23.90

1.23.92

1.24.0

1.25.1

1.25.2

1.25.3

1.25.4

1.25.4.1

1.25.90

1.25.91

1.25.92

1.26.0

1.26.1

1.26.1.1

1.26.2

1.27.3

1.27.4

1.27.90

1.27.91

1.27.92

1.28.0

1.28.1

1.29.1

1.29.2

1.29.3

1.29.4

1.29.90

1.29.91

1.29.92

1.3.1

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.30.0

1.31.1

1.31.2

1.31.3

1.31.4

1.31.90

1.31.91

1.31.92

1.32.0

1.33.1

1.33.3

1.33.90

1.33.91

1.33.92

1.34.0

1.35.1

1.35.2

1.35.3

1.35.4

1.35.90

1.35.91

1.35.92

1.36.0

1.37.1

1.37.2

1.37.4

1.37.90

1.37.91

1.38.0

1.39.1

1.39.3

1.39.4

1.39.90

1.39.91

1.39.92

1.4.0

1.40.0

1.41.1

1.41.2

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.7.0

1.7.1

1.7.2

1.7.3

1.9.0

1.9.1

1.9.2

1.9.3

1.9.4

1.9.5

Other

GVFS_0_0_1

GVFS_0_0_2

GVFS_0_1_0

GVFS_0_1_1

GVFS_0_1_10

GVFS_0_1_11

GVFS_0_1_2

GVFS_0_1_3

GVFS_0_1_4

GVFS_0_1_5

GVFS_0_1_6

GVFS_0_1_7

GVFS_0_1_8

GVFS_0_1_9

GVFS_0_2_0

GVFS_0_2_0_1

GVFS_0_2_1

GVFS_0_2_2

GVFS_0_2_4

GVFS_0_99_1

GVFS_0_99_2

GVFS_0_99_3

GVFS_0_99_4

GVFS_0_99_5

GVFS_0_99_6

GVFS_0_99_7

GVFS_1_1_1

GVFS_1_1_2

GVFS_1_1_3

GVFS_1_1_4

GVFS_1_1_5

GVFS_1_1_6

GVFS_1_1_7

GVFS_1_1_8

GVFS_1_2_1

GVFS_1_2_2