Fluid Attacks Database

Description

bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	bogofilter	>=0 <0.9.0.5	0.9.0.5
debian 12	bogofilter	>=0 <0.9.0.5	0.9.0.5
debian 13	bogofilter	>=0 <0.9.0.5	0.9.0.5
debian 14	bogofilter	>=0 <0.9.0.5	0.9.0.5

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.