Moderate severityNVD Advisory· Published Jan 20, 2011· Updated Jun 16, 2026
CVE-2010-4338
CVE-2010-4338
Description
ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cuneiform is invoked as the OCR engine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ocrodjvuPyPI | >= 0.4.6-1, < 0.4.6-2 | 0.4.6-2 |
Affected products
3- osv-coords2 versions
< 0.4.6-2+ 1 more
- (no CPE)range: < 0.4.6-2
- (no CPE)range: >= 0.4.6-1, < 0.4.6-2
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-5pjj-7m4p-wfh2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2010-4338ghsaADVISORY
- bugs.debian.org/cgi-bin/bugreport.cginvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/64892nvdWEB
- web.archive.org/web/20200229160520/http://www.securityfocus.com/bid/45234ghsaWEB
- www.securityfocus.com/bid/45234nvd
News mentions
0No linked articles in our index yet.