exploitDog

CVE-2016-3106

Опубликовано: 13 апр. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

Ссылки

http://www.openwall.com/lists/oss-security/2016/04/18/11
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/20/1
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1324926
Issue Tracking
Patch
https://pulp.plan.io/issues/1827
Issue Tracking
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/04/18/11
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/20/1
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1324926
Issue Tracking
Patch
https://pulp.plan.io/issues/1827
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pulpproject:pulp:2.8.2-1:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00245

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2016-3106

redhat

больше 9 лет назад

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

GHSA-mjm3-39h3-6qgg

CVSS3: 5.3

github

больше 3 лет назад

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.

EPSS

Процентиль: 48%

0.00245

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-362