rpm package
opensuse/gummi&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gummi&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-7758 | Low | 3.3 | < 0.7.4.3-2.6 | 0.7.4.3-2.6 | Jan 8, 2016 | Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux. |
- affected < 0.7.4.3-2.6fixed 0.7.4.3-2.6
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.