VYPR

Guile

by GNU

CVEs (2)

  • CVE-2016-8606CriJan 12, 2017
    risk 0.64cvss 9.8epss 0.04

    The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.

  • CVE-2016-8605MedJan 12, 2017
    risk 0.35cvss 5.3epss 0.03

    The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create…