CVE-2016-3106
NONE EPSS 56.4%
Published Apr 13, 20179y ago ยท Modified Jun 17, 20262w ago
Published Apr 13, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner.
Threat Intelligence
EPSS Exploit Probability
56.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-362
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| pulpproject | pulp | 2.8.2-1 | any |
References 4
- openwall.com http://www.openwall.com/lists/oss-security/2016/04/18/11
- openwall.com http://www.openwall.com/lists/oss-security/2016/05/20/1
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1324926
- pulp.plan.io https://pulp.plan.io/issues/1827
Remediation
- openwall.com http://www.openwall.com/lists/oss-security/2016/04/18/11
- openwall.com http://www.openwall.com/lists/oss-security/2016/05/20/1
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1324926
- pulp.plan.io https://pulp.plan.io/issues/1827