Clusterlabs: >> Libqb Security Vulnerabilities
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-08-08
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.
CVSS Score
7.1
EPSS Score
0.0
Published
2019-06-07