babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files.
[
{
"product": "babiloo",
"vendor": "babiloo",
"versions": [
{
"status": "affected",
"version": "2.0.9 before 2.0.11"
}
]
}
]