CVE-2024-55566

Published Dec 9, 2024

Last updated 2 months ago

CVSS medium 6.6

Overview

Description: ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.6
Impact score: 5.2
Exploitability score: 1.3
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Severity: MEDIUM

Weaknesses

cve@mitre.org: CWE-335

Hype score: Not currently trending

CVE-2024-55566 Predictable Temp File Creation Vulnerability in ColPack 1.0.10-9a7293a ColPack versions 1.0.10 through 9a7293a have an issue with predictable temporary files. These files are located in the /tmp di... https://t.co/pVbpgyopwc
@VulmonFeeds
9 Dec 2024
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References