{"id":"CVE-2016-9595","details":"A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.","modified":"2026-05-28T04:03:35.483429496Z","published":"2018-07-27T18:29:00.237Z","database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*"],"vendor_product":"redhat:satellite","extracted_events":[{"last_affected":"6.3"}],"source":"CPE_STRING"},{"source":"CPE_STRING","vendor_product":"redhat:satellite_capsule","extracted_events":[{"last_affected":"6.3"}],"cpes":["cpe:2.3:a:redhat:satellite_capsule:6.3:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0336"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9595"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/katello/katello","events":[{"introduced":"0"},{"fixed":"600b173da31275e2b6852faf0dd59feb1d2fdb8f"}],"database_specific":{"cpe":"cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"3.4.0"}],"source":"CPE_RANGE"}}],"versions":["3.4.0.rc2","2.4.0-RC1","rubygem-katello-2.4.0-2","rubygem-katello-2.4.0-1","rubygem-katello-2.3.0-2","katello-2.3.0-1","rubygem-katello-2.3.0-1","rubygem-katello-2.2.0-2","katello-2.2.0-1","rubygem-katello-2.2.0-1","rubygem-katello-1.5.0-11","rubygem-katello-2.0.0-1","katello-2.1.0-1","rubygem-katello-2.1.0-1","katello-2.0.0-0","rubygem-katello-1.5.0-12","rubygem-katello-1.5.0-10","katello-1.5.0-14","katello-1.5.0-13","katello-1.5.0-12","rubygem-katello-1.5.0-9","katello-1.4.9-1","katello-1.5.1-1","katello-1.4.7-1","katello-1.4.8-1","katello-1.4.6-1","katello-1.4.5-1","katello-1.4.4-1","katello-1.4.3-1","katello-1.4.2-1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9595.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}