nFPM is an alternative to fpm. The file permissions on the checked-in files were not maintained. Hence, when nfpm packaged
the files (without extra config for enforcing it’s own permissions) files could go out with bad permissions (chmod 666 or 777). Anyone using nfpm for creating packages without checking/setting file permissions before packaging could result in bad permissions for files/folders.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-05-30T03:56:30.807Z
Updated: 2024-08-02T15:25:36.897Z
Reserved: 2023-05-11T16:33:45.734Z
Link: CVE-2023-32698
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-30T04:15:10.187
Modified: 2023-06-06T19:29:45.097
Link: CVE-2023-32698
Redhat
No data.