Vulnerability Details CVE-2018-19045
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://bugzilla.suse.com/show_bug.cgi?id=1015141
- https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6
- https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067
- https://github.com/acassen/keepalived/issues/1048
- https://security.gentoo.org/glsa/201903-01
- https://bugzilla.suse.com/show_bug.cgi?id=1015141
- https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6
- https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067
- https://github.com/acassen/keepalived/issues/1048
- https://security.gentoo.org/glsa/201903-01
Products affected by CVE-2018-19045
-
cpe:2.3:a:keepalived:keepalived:2.0.8