Filtered by vendor Mozilla Subscriptions
Filtered by product Sccache Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-1521 1 Mozilla 1 Sccache 2024-11-27 7.8 High
On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.