{"id":"CVE-2011-2185","details":"Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab.*.tar file or (2) certain other files in the top level of /tmp/.","aliases":["GHSA-xwg2-qc6c-7c3q","PYSEC-2026-808"],"modified":"2026-07-07T11:56:27.400326336Z","published":"2011-07-27T02:55:01Z","references":[{"type":"FIX","url":"http://code.fabfile.org/projects/fabric/files/Fabric-1.1.0.tar.gz"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=710462"},{"type":"WEB","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629003"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062534.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2011/06/03/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2011/06/06/12"}],"schema_version":"1.7.5"}