GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-06-23
Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory.
CVSS Score
7.2
EPSS Score
0.002
Published
2015-05-18