Every CVE whose affected-product data names Google Fscrypt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-6558 — CVSS 6.5 (medium): The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with…
CVE-2022-25326 — CVSS 5.5 (medium): fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust…
CVE-2022-25327 — CVSS 5.5 (medium): The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that…
CVE-2022-25328 — CVSS 5.0 (medium): The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a…