ALT Linux Team

Package zim-wiki update in sisyphus on 2020-12-10

ALT-PU-2020-3482-1

Package zim-wiki updated to version 0.73.4-alt1 for branch sisyphus in task 263139.

Closed vulnerabilities

Published: 2020-03-23
Modified: 2024-11-21

CVE-2020-10870

Zim through 0.72.1 creates temporary directories with predictable names. A malicious user could predict and create Zim's temporary directories and prevent other users from being able to start Zim, resulting in a denial of service.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top