A logged in user may elevate its permissions by abusing a...
High severity
Unreviewed
Published
Oct 25, 2023
to the GitHub Advisory Database
•
Updated Nov 9, 2023
Description
Published by the National Vulnerability Database
Oct 25, 2023
Published to the GitHub Advisory Database
Oct 25, 2023
Last updated
Nov 9, 2023
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.
References