Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:5433
HistoryNov 15, 2017 - 7:13 a.m.

Arbitrary Code Execution

2017-11-1507:13:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

0.0004 Low

EPSS

Percentile

10.1%

scala-compiler is vulnerable to arbitrary code execution. A malicious user can write and execute arbitrary scala class files on the system through the compiler daemon due to weak permissions for private files in /tmp/scala-devel/${USER:shared}/scalac-compile-server-port.

References