CWE-62 - UNIX Hard Link

Description

The software, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the software to operate on unauthorized files.

Latest vulnerabilities for CWE-62

Junos Space update for third-party components 2025-04-10
Critical Yes Public exploit

Autodesk InfraWorks update for third-party components 2024-10-03
High Yes Public exploit

Multiple vulnerabilities in Juniper Secure Analytics (JSA) 2024-09-10
High Yes Public exploit

Multiple vulnerabilities in IBM QRadar SIEM 2024-08-27
High Yes Public exploit

Multiple vulnerabilities in Dell Storage Resource Manager (SRM) and Dell Storage Monitoring and Reporting (SMR) 2024-07-30
Critical Yes Public exploit

Multiple vulnerabilities in Oracle Linux 2024-07-18
High Yes Public exploit

Oracle Solaris update for thrid-party components 2024-07-18
Critical Yes Public exploit

Multiple vulnerabilities in Git for Windows 2024-06-07
High Yes Public exploit

Multiple vulnerabilities in Git 2024-06-07
High Yes Public exploit

Multiple vulnerabilities in IBM Storage Fusion HCI 2024-01-29
High Yes

References

Description of CWE-62 on Mitre website