buzz-captions@1.0.1 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the buzz-captions package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • L
Insecure Temporary File

Affected versions of this package are vulnerable to Insecure Temporary File through the use of the deprecated mktemp() function, there is a risk of race conditions. This occurs because the function generates a temporary file name without ensuring exclusive access, allowing an opportunity for an attacker to manipulate the file before it is opened by the original process.

This is only exploitable if the attacker has local access and the ability to execute their own code on the machine.

Note:

How to fix Insecure Temporary File?

There is no fixed version for buzz-captions.

[0,)