cve/2019/CVE-2019-18899.md

### [CVE-2019-18899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18899)
![](https://img.shields.io/static/v1?label=Product&message=Leap%2015.1&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=apt-cacher-ng%3C%203.1-lp151.3.3.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen)

### Description

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Live-Hack-CVE/CVE-2019-18899
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-18899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18899)`
			`![](https://img.shields.io/static/v1?label=Product&message=Leap%2015.1&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=apt-cacher-ng%3C%203.1-lp151.3.3.1%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen)`

			`### Description`

			`The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/Live-Hack-CVE/CVE-2019-18899`