mstdlib (aka the M Standard Library for C) 1.2.0 has...
Critical severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 2, 2023
Description
Published by the National Vulnerability Database
Jul 13, 2018
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 2, 2023
mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations where M_fs_perms_can_access attempts to delete an existing file (that lacks public read/write access) during a copy operation, related to fs/m_fs.c and fs/m_fs_path.c. An attacker could create the file and then would have access to the data.
References