CVE-2020-10236
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-10236
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10236.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-10236
- Aliases
- Published
- 2020-03-09T16:15:12Z
- Modified
- 2024-05-15T01:11:29.725156Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Froxlor before 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local attackers to cause DoS or disclose information out of the config files, because of _createUserdataConf in install/lib/class.FroxlorInstall.php.
- References
Affected packages
Git / github.com/froxlor/froxlor
Affected ranges
- Type
- GIT
- Repo
- https://github.com/froxlor/froxlor
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
0.10.0-rc1
0.10.0-rc2
0.10.1
0.10.10
0.10.11
0.10.12
0.10.13
0.10.2
0.10.3
0.10.4
0.10.5
0.10.6
0.10.7
0.10.8
0.10.9
0.9.18
0.9.18.1
0.9.19
0.9.20
0.9.20.1
0.9.21
0.9.22
0.9.22-rc1
0.9.23
0.9.23-rc1
0.9.24
0.9.24-rc1
0.9.25
0.9.25-rc1
0.9.26
0.9.26-rc1
0.9.27
0.9.27-rc1
0.9.28
0.9.28-rc1
0.9.28.1
0.9.29
0.9.29-rc1
0.9.30
0.9.30-rc1
0.9.31
0.9.31-rc1
0.9.31-rc2
0.9.31.1
0.9.31.2
0.9.32
0.9.32-rc1
0.9.32-rc2
0.9.33-rc1
0.9.33-rc2
0.9.33-rc3
0.9.34
0.9.34.1
0.9.34.2
0.9.35
0.9.35-rc1
0.9.35.1
0.9.36
0.9.37
0.9.37-rc1
0.9.38
0.9.38-rc1
0.9.38-rc2
0.9.38.1
0.9.38.2
0.9.38.3
0.9.38.4
0.9.38.5
0.9.38.6
0.9.38.7
0.9.38.8
0.9.39
0.9.39.1
0.9.39.2
0.9.39.3
0.9.39.4
0.9.39.5
0.9.40