eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eroaster | eroaster | 2.1.0 |
| eroaster | eroaster | 2.2.0 |
| eroaster | eroaster | 2.0.0 |