CVE-2022-35631
N/A
N/A
Summary
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Rapid7 | Velociraptor | 0.6.5-2 < 0.6.5-2 | affected |
Weaknesses
- CWE-377: CWE-377 Insecure Temporary File
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.