VYPR
Moderate severityNVD Advisory· Published Jul 27, 2011· Updated Jun 16, 2026

CVE-2011-2185

CVE-2011-2185

Description

Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab.*.tar file or (2) certain other files in the top level of /tmp/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
fabricPyPI
< 1.1.01.1.0

Affected products

12
  • Fabfile/Fabric11 versions
    cpe:2.3:a:fabfile:fabric:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:fabfile:fabric:*:*:*:*:*:*:*:*range: <=1.0.2
    • cpe:2.3:a:fabfile:fabric:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fabfile:fabric:1.0.1:*:*:*:*:*:*:*
  • ghsa-coords
    Range: < 1.1.0

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.