彙總 storebackup 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 路徑處理缺陷,在 軟體部署與生產負載 使用場景中可能帶來 檔案覆寫 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2020-7040 | storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.) | [email protected] | 8.1 | 2.87% | 2020-01-21 | 2026-06-16 |
| CVE-2005-3148 | StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership. | [email protected] | 4.6 | 0.38% | 2005-10-05 | 2026-06-16 |
| CVE-2005-3147 | StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information. | [email protected] | 2.1 | 0.36% | 2005-10-05 | 2026-06-16 |
| CVE-2005-3146 | StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files. | [email protected] | 2.1 | 0.36% | 2005-10-05 | 2026-06-16 |