EUVD-2025-0139

Malicious code in bioql PyPI...

CVE-2024-45339

A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability. Mitigation Mitigation for this issue is either not available or the...

AZL-56075 CVE-2024-45339 affecting package vitess for versions less than 17.0.7-4

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVE-2024-45339

CVE-2024-45339 affects the Go glog package. The issue arises when logs are written to a widely-writable directory: an unprivileged attacker could predict a privileged process’s log path and pre-create a symlink to a sensitive file, causing the process to overwrite it. The fix is to have glog exit...

CVE-2024-45339 Vulnerability when creating log files in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...