RSS   Vulnerabilities for 'Gource'   RSS

2019-11-07
 
CVE-2010-2449

CWE-20
 

 
Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack.

 


Copyright 2024, cxsecurity.com

 

Back to Top