2 matches found
Buffer Under-read
Overview Affected versions of this package are vulnerable to Buffer Under-read via the gettmpfile function of glib/gfileutils.c due to improper validation of file path lengths during temporary file operations. An attacker can manipulate file paths and access unauthorized data by supplying symboli...
Denial Of Service (DoS)
github.com/notaryproject/notation-go is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of temporary file operations during CRL cache updates, specifically the use of the os.Rename method, which fails when moving files across different mount points, allows an...