Homepage

greenbids-tailor@0.2.4 vulnerabilities

Bring traffic shaping to your own cloud

  • latest version

    0.3.1

  • latest non vulnerable version

    0.3.1

  • first published

    3 months ago

  • latest version published

    16 days ago

  • licenses detected

  • View greenbids-tailor package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the greenbids-tailor package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Insecure Temporary File

    greenbids-tailor is a Bring traffic shaping to your own cloud

    Affected versions of this package are vulnerable to Insecure Temporary File due to the use of a world-writable directory (/tmp) for the download lock file (greenbids-tailor-download.lock). This setup could allow local attackers with system access to manipulate the lock file, potentially causing denial of service by disrupting the download process. The vulnerability arises from storing lock files in directories with permissive access controls.

    How to fix Insecure Temporary File?

    Upgrade greenbids-tailor to version 0.2.5 or higher.

    [,0.2.5)
    Go back to all versions of this package