2 matches found
CVE-2019-12779
CVE-2019-12779 affects libqb prior to 1.0.5, where IPC/tmp files are created with predictable names under /dev/shm and /tmp without O_EXCL, enabling local users to perform symlink attacks and overwrite arbitrary files. The vulnerability is local in scope with impact on integrity and availability ...
CVE-2023-39976
CVE-2023-39976 affects the libqb library. The issue is a buffer overflow in log_blackbox.c caused by not accounting for header size, affecting versions before 2.0.8. A fix is available in 2.0.8 (and advisories reference upgrading to mitigate). Exploitation details are not provided in the supplied...