### [CVE-2019-18899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18899)
![](https://img.shields.io/static/v1?label=Product&message=Leap%2015.1&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=apt-cacher-ng%3C%203.1-lp151.3.3.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen)

### Description

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Live-Hack-CVE/CVE-2019-18899