Approved changes feed: RSS · Atom
cpe:2.3:a:mozilla:sccache:*:*:*:*:*:rust:*:*
part: a version: * update: *
| Vendor | Mozilla (be1b0d4e-21a7-5a25-9982-bbda6ef43ec1) |
|---|---|
| Product | Sccache (87a0abb4-5717-51cd-8fe8-5ce44d33483a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | rust |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/mozilla/sccache |
purl2cpe | 2026-06-01 10:17:53.715879 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-1521 |
vulnerable | 2026-06-03 14:48:55.674998 |
Local Privilege Escalation in sccache
On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD.
If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.
Published: 2024-11-26T11:15:59.434Z
Updated: 2024-11-26T20:45:48.176Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.