The clang-extra module installs LLVM's clang-extra tools. clang-extra downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker...
8.1CVSS
8.3AI Score
0.002EPSS
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable...
6AI Score
0.0004EPSS