RSS   Vulnerabilities for 'Libqb'   RSS

2019-06-07
 
CVE-2019-12779

CWE-59
 

 
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.

 

 >>> Vendor: Clusterlabs 7 Products
Pacemaker
PCS
Pacemaker command line interface
Libqb
Fence-agents
Crmsh
Cluster glue


Copyright 2024, cxsecurity.com

 

Back to Top