rpm package
opensuse/guile&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/guile&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-8606 | Cri | 9.8 | < 2.0.13-2.1 | 2.0.13-2.1 | Jan 12, 2017 | The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. | |
| CVE-2016-8605 | Med | 5.3 | < 2.0.13-2.1 | 2.0.13-2.1 | Jan 12, 2017 | The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create direct |
- affected < 2.0.13-2.1fixed 2.0.13-2.1
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
- affected < 2.0.13-2.1fixed 2.0.13-2.1
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create direct