VYPR
High severityNVD Advisory· Published May 27, 2021· Updated Aug 3, 2024

CVE-2021-31154

CVE-2021-31154

Description

pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pleasercrates.io
< 0.4.00.4.0

Affected products

1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.