CVE-2024-55566

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-55566
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-55566.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-55566
Related
Published
2024-12-09T02:15:19Z
Modified
2025-01-14T09:29:18.860242Z
Summary
[none]
Details

ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.

References

Affected packages

Debian:11 / colpack

Package

Name
colpack
Purl
pkg:deb/debian/colpack?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.10-5
1.0.10-6
1.0.10-7
1.0.10-7.1~exp1
1.0.10-7.1~exp2
1.0.10-7.1
1.0.10-8

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / colpack

Package

Name
colpack
Purl
pkg:deb/debian/colpack?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.10-7
1.0.10-7.1~exp1
1.0.10-7.1~exp2
1.0.10-7.1
1.0.10-8

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / colpack

Package

Name
colpack
Purl
pkg:deb/debian/colpack?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.10-7
1.0.10-7.1~exp1
1.0.10-7.1~exp2
1.0.10-7.1
1.0.10-8

Ecosystem specific

{
    "urgency": "unimportant"
}