CVE-2015-4155
GNU Parallel < 20150422 - Arbitrary File Write via Symlink Attack on Temporary File
Title source: llmDescription
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file.
References (3)
Core 3
Core References
Vendor Advisory mailing-list
x_refsource_mlist
http://lists.gnu.org/archive/html/parallel/2015-04/msg00045.html
Vendor Advisory mailing-list
x_refsource_mlist
http://lists.gnu.org/archive/html/parallel/2015-05/msg00024.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/74962
Scores
EPSS
0.0013
EPSS Percentile
32.3%
Details
CWE
CWE-59
Status
published
Products (1)
gnu/parallel
< 20150322
Published
Jun 02, 2015
Tracked Since
Feb 18, 2026