2 matches found
GHSA-PP74-39W2-V4W9 Permissions bypass in pleaser
pleaseedit in pleaser before 0.4.0 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...
GHSA-F3FG-5J9P-VCHC File exposure in pleaser
pleaser before 0.4.0 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the searchpath function, the --check option, or the -d option...