cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| grml | grml-debootstrap | 0.54 |
| grml | grml-debootstrap | 0.74 |
| grml | grml-debootstrap | 0.75 |
| grml | grml-debootstrap | 0.71 |
| grml | grml-debootstrap | 0.77 |
| grml | grml-debootstrap | 0.68 |
| grml | grml-debootstrap | 0.72 |
| grml | grml-debootstrap | 0.73 |
| grml | grml-debootstrap | 0.76 |
| grml | grml-debootstrap | 0.70 |