VYPR

libqb

by Clusterlabs

CVEs (2)

  • CVE-2023-39976Aug 8, 2023
    risk 0.00cvss epss 0.01

    log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

  • CVE-2019-12779Jun 7, 2019
    risk 0.00cvss epss 0.01

    libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.