CVE-2024-55566 MEDIUM

CVE-2024-55566

Vendor N/A
Product n/a
Weakness CWE-335
Published December 9, 2024
Last update April 4, 2025

CVSS base score

6.6/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.

Key dates

02Disclosure timeline

December 9, 2024 CVE published
April 4, 2025 Record updated