8 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and...
RHEL 7 : perltidy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perltidy: Uses current working directory without symlink-attack protection CVE-2016-10374 Note that Nessus has not...
RHEL 6 : perltidy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perltidy: insecure temporary file creation CVE-2014-2277 - perltidy through 20160302, as used by...
Updated perltidy packages fix security vulnerability
perltidy relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink CVE-2016-10374...
Fedora 26 : perltidy (2017-c76259ddea)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
Fedora 24 : perltidy (2017-1f11501a9f)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
Fedora 25 : perltidy (2017-a3c7d077c7)
Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as...
CVE-2016-10374
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which allows local users to overwrite arbitrary files by creating a symlink, as...