CVE-2022-48682

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-48682

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48682.json

Published

2024-04-26T01:15:45Z

Modified

2024-04-27T02:00:46.635353Z

Details

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.

References

Affected packages

Git / github.com/adrianlopezroche/fdupes

Affected ranges

Type: GIT
Repo: https://github.com/adrianlopezroche/fdupes
Events: Introduced

0The exact introduced commit is unknown

Fixed

85680897148f1ac33b55418e00334116e419717f

Affected versions

2.*

2.0.0

fdupes-1.*

fdupes-1.51

v1.*

v1.6.0

v1.6.1

v2.*

v2.1.0

v2.1.1

v2.1.2