2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
Eric Romang reports a temporary file creation vulnerability
within heartbeat. The vulnerability is caused by hardcoded
temporary file usage. This can cause an attacker to create
an arbitrary symlink causing the application to overwrite the
symlinked file with the permissions of the user executing the
application.