MidnightBSD

Advisories for mock_project

CVE-2016-6299 HIGH

The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
fedoraproject fedora 24
fedoraproject fedora 25
mock_project scm_plugin -
fedoraproject fedora 23