Clusterlabs Libqb vulnerabilities
2 known vulnerabilities affecting clusterlabs/libqb.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-39976CRITICALCVSS 9.8fixed in 2.0.82023-08-08
CVE-2023-39976 [CRITICAL] CWE-120 CVE-2023-39976: log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the head
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.
nvdosv
CVE-2019-12779HIGHCVSS 7.1fixed in 1.0.52019-06-07
CVE-2019-12779 [HIGH] CWE-59 CVE-2019-12779: libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
nvdosv