osquery

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description SQL powered operating system instrumentation, monitoring, and analytics
Version 5.0.1-3 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1367 4.5.1-8 4.6.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-26273 AVG-1367 Medium No Arbitrary filesystem access
In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite...