keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link.
CVSS 2.0
Severity: LOW
Problem Type: CWE-377,CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| keycloak-httpd-client-install_project | keycloak-httpd-client-install | * |
keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| keycloak-httpd-client-install_project | keycloak-httpd-client-install | * |