GSD-2021-1000010

Source
https://data.gsd.id/GSD-2021-1000010
Import Source
https://github.com/cloudsecurityalliance/gsd-database/blob/main/2021/1000xxx/GSD-2021-1000010.json
JSON Data
https://api.osv.dev/v1/vulns/GSD-2021-1000010
Withdrawn
2023-03-14T07:04:18.324606Z
Published
2021-05-31T15:39:45.031586Z
Modified
2023-03-14T07:04:18.324606Z
Summary
temporary file creation (CWE-379) in fabric-samples version Prior to commit 6bccc138887b3dbd9dc920bad200068b11066ef7
Details

In Hyperledger fabric-samples version Prior to commit 6bccc138887b3dbd9dc920bad200068b11066ef7 a temporary file creation (CWE-379) exists in the digibank.sh and magnetocorp.sh that can be attacked via Local resulting in Information disclosure of all environmental variables

References

Affected packages