6 matches found
CVE-2025-66384
app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...
CVE-2025-66384
app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...
CVE-2025-66384
CVE-2025-66384 affects MISP before v2.5.24. The vulnerability is due to flawed logic in app/Controller/EventsController.php when validating uploaded files, related to tmp_name. Impact is partial and includes high integrity impact per the CVSS data; exploitation details are not provided in the con...
PT-2025-48316
Name of the Vulnerable Software and Affected Versions MISP versions prior to 2.5.24 Description The software contains flawed logic when validating uploaded files, specifically concerning the tmp name parameter. This issue resides in the app/Controller/EventsController.php file. Recommendations...
EUVD-2025-199869
app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...
Scientific Linux Security Update : rpm on SL7.x x86_64 (20141209)
It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and...