{"id":"CVE-2016-3108","details":"The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.","modified":"2026-04-10T03:49:22.595576Z","published":"2017-06-08T18:29:00.327Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHBA-2016:1501"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/05/20/1"},{"type":"REPORT","url":"https://bugzilla.redhat.com/attachment.cgi?id=1146475"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325934"},{"type":"FIX","url":"https://github.com/pulp/pulp/pull/2528"},{"type":"FIX","url":"https://pulp.plan.io/issues/1830"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pulp/pulp","events":[{"introduced":"0"},{"last_affected":"ccf2d80823cd555be0b19e0759458b79b255ea6b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.8.2-1"}]}}],"versions":["build-0.0.332","build-0.0.333","build-0.0.334","build-0.0.335","build-0.0.336-1","build-0.0.338-1","build-0.0.339-1","build-0.0.340-1","build-0.0.341-1","build-0.331","build-2.1.0-0.1.alpha","build-2.1.0-0.10.alpha","build-2.1.0-0.12.alpha","build-2.1.0-0.13.alpha","build-2.1.0-0.14.alpha","build-2.1.0-0.16.alpha","build-2.1.0-0.17.alpha","build-2.1.0-0.18.alpha","build-2.1.0-0.19.alpha","build-2.1.0-0.2.alpha","build-2.1.0-0.3.alpha","build-2.1.0-0.4.alpha","build-2.1.0-0.5.alpha","build-2.1.0-0.7.alpha","build-2.1.0-0.8.alpha","build-2.1.0-0.9.alpha","build-2.2.0-0.1.alpha","build-2.2.0-0.10.alpha","build-2.2.0-0.11.alpha","build-2.2.0-0.12.alpha","build-2.2.0-0.13.alpha","build-2.2.0-0.14.alpha","build-2.2.0-0.16.alpha","build-2.2.0-0.2.alpha","build-2.2.0-0.3.alpha","build-2.2.0-0.5.alpha","build-2.2.0-0.8.alpha","build-2.2.0-0.9.alpha","build-2.3.0-0.10.alpha","build-2.3.0-0.2.alpha","build-2.3.0-0.3.alpha","build-2.3.0-0.4.alpha","build-2.3.0-0.5.alpha","build-2.3.0-0.6.alpha","build-2.3.0-0.7.alpha","build-2.3.0-0.8.alpha","build-2.3.0-0.9.alpha","build-2.4.0-0.10.beta","build-2.4.0-0.11.beta","build-2.4.0-0.12.beta","build-2.4.0-0.13.beta","build-2.4.0-0.15.beta","build-2.4.0-0.16.beta","build-2.4.0-0.17.beta","build-2.4.0-0.18.beta","build-2.4.0-0.19.beta","build-2.4.0-0.20.beta","build-2.4.0-0.21.beta","build-2.4.0-0.22.beta","build-2.4.0-0.23.beta","build-2.4.0-0.24.beta","build-2.4.0-0.25.beta","build-2.4.0-0.26.beta","build-2.4.0-0.27.beta","build-2.4.0-0.28.beta","build-2.4.0-0.29.beta","build-2.4.0-0.3.alpha","build-2.4.0-0.30.beta","build-2.4.0-0.4.alpha","build-2.4.0-0.5.alpha","build-2.4.0-0.6.alpha","build-2.4.0-0.7.alpha","build-2.4.0-0.7.beta","build-2.4.0-0.9.beta","build-2.5.0-0.1.alpha","createrepo-0.9.8-4","gofer-0.67-1","gofer-0.68-1","gofer-0.68-2","gofer-0.70-1","gofer-0.72-1","gofer-0.73-1","gofer-0.74-1","gofer-0.76-1","gofer-1.0.7-2","grinder-0.0.141-1","grinder-0.0.142-1","grinder-0.0.144-1","grinder-0.0.146-1","grinder-0.0.45-1","grinder-0.0.46-1","grinder-0.0.47-1","grinder-0.0.48-1","grinder-0.0.49-1","grinder-0.1.2-1","grinder-0.1.3-1","grinder-0.1.4-3","jdob-build","libyaml-0.1.3-4","m2crypto-0.21.1.pulp-2","m2crypto-0.21.1.pulp-3","m2crypto-0.21.1.pulp-5","m2crypto-0.21.1.pulp-7","m2crypto-0.21.1.pulp-8","mod_python-3.3.1-14.4","mod_wsgi-3.2-3.sslpatch","mod_wsgi-3.2-4","mod_wsgi-3.2-5","mod_wsgi-3.2-6.pulp","mod_wsgi-3.3-2.pulp","mod_wsgi-3.3-3.pulp","mod_wsgi-3.3-4.pulp","mongo-1.4.4-1","pulp-0.0.103-1","pulp-0.0.104-1","pulp-0.0.105-1","pulp-0.0.106-1","pulp-0.0.107-1","pulp-0.0.108-1","pulp-0.0.109-1","pulp-0.0.110-1","pulp-0.0.111-1","pulp-0.0.120-1","pulp-0.0.121-1","pulp-0.0.122-1","pulp-0.0.123-1","pulp-0.0.124-1","pulp-0.0.125-1","pulp-0.0.126-1","pulp-0.0.128-1","pulp-0.0.129-1","pulp-0.0.130-1","pulp-0.0.131-1","pulp-0.0.132-1","pulp-0.0.133-1","pulp-0.0.134-1","pulp-0.0.135-1","pulp-0.0.136-1","pulp-0.0.140-1","pulp-0.0.141-1","pulp-0.0.149-1","pulp-0.0.150-1","pulp-0.0.151-1","pulp-0.0.153-1","pulp-0.0.154-1","pulp-0.0.156-1","pulp-0.0.157-1","pulp-0.0.158-1","pulp-0.0.159-1","pulp-0.0.160-1","pulp-0.0.161-1","pulp-0.0.162-1","pulp-0.0.167-1","pulp-0.0.168-1","pulp-0.0.175-1","pulp-0.0.176-1","pulp-0.0.177-1","pulp-0.0.178-1","pulp-0.0.179-1","pulp-0.0.182-1","pulp-0.0.183-1","pulp-0.0.184-1","pulp-0.0.185-1","pulp-0.0.186-1","pulp-0.0.202-1","pulp-0.0.203-1","pulp-0.0.206-1","pulp-0.0.207-1","pulp-0.0.209-1","pulp-0.0.210-1","pulp-0.0.215-1","pulp-0.0.216-1","pulp-0.0.217-1","pulp-0.0.218-1","pulp-0.0.220-1","pulp-0.0.221-1","pulp-0.0.222-1","pulp-0.0.223-1","pulp-0.0.224-1","pulp-0.0.225-1","pulp-0.0.226-1","pulp-0.0.227-1","pulp-0.0.228-1","pulp-0.0.229-1","pulp-0.0.230-1","pulp-0.0.231-1","pulp-0.0.232-1","pulp-0.0.233-1","pulp-0.0.234-1","pulp-0.0.236-1","pulp-0.0.237-1","pulp-0.0.238-1","pulp-0.0.239-1","pulp-0.0.24-1","pulp-0.0.243-1","pulp-0.0.244-1","pulp-0.0.246-1","pulp-0.0.250-1","pulp-0.0.251-1","pulp-0.0.253-1","pulp-0.0.254-1","pulp-0.0.255-1","pulp-0.0.256-1","pulp-0.0.257-1","pulp-0.0.259-1","pulp-0.0.260-1","pulp-0.0.261-1","pulp-0.0.262-1","pulp-0.0.263-1","pulp-0.0.264-1","pulp-0.0.265-1","pulp-0.0.269-1","pulp-0.0.27-1","pulp-0.0.270-1","pulp-0.0.271-1","pulp-0.0.272-1","pulp-0.0.273-1","pulp-0.0.274-1","pulp-0.0.275-1","pulp-0.0.276-1","pulp-0.0.277-1","pulp-0.0.278-1","pulp-0.0.279-1","pulp-0.0.28-1","pulp-0.0.280-1","pulp-0.0.281-1","pulp-0.0.282-1","pulp-0.0.283-1","pulp-0.0.284-1","pulp-0.0.285-1","pulp-0.0.285-2","pulp-0.0.286-1","pulp-0.0.287-1","pulp-0.0.287-2","pulp-0.0.288-1","pulp-0.0.289-1","pulp-0.0.29-1","pulp-0.0.290-1","pulp-0.0.291-1","pulp-0.0.292-1","pulp-0.0.293-1","pulp-0.0.294-1","pulp-0.0.295-1","pulp-0.0.3-3","pulp-0.0.30-1","pulp-0.0.300-1","pulp-0.0.301-1","pulp-0.0.302-1","pulp-0.0.303-1","pulp-0.0.304-1","pulp-0.0.305-1","pulp-0.0.306-1","pulp-0.0.31-1","pulp-0.0.324-1","pulp-0.0.326-1","pulp-0.0.327-1","pulp-0.0.33-1","pulp-0.0.331-1","pulp-0.0.332-1","pulp-0.0.332-2","pulp-0.0.333-1","pulp-0.0.334-1","pulp-0.0.335-1","pulp-0.0.336-1","pulp-0.0.337-1","pulp-0.0.338-1","pulp-0.0.339-1","pulp-0.0.34-1","pulp-0.0.340-1","pulp-0.0.341-1","pulp-0.0.35-1","pulp-0.0.36-1","pulp-0.0.37-1","pulp-0.0.38-1","pulp-0.0.39-1","pulp-0.0.4-1","pulp-0.0.41-1","pulp-0.0.43-1","pulp-0.0.44-1","pulp-0.0.45-1","pulp-0.0.46-1","pulp-0.0.49-1","pulp-0.0.50-1","pulp-0.0.51-1","pulp-0.0.52-1","pulp-0.0.53-1","pulp-0.0.54-1","pulp-0.0.55-1","pulp-0.0.56-1","pulp-0.0.57-1","pulp-0.0.63-1","pulp-0.0.64-1","pulp-0.0.65-1","pulp-0.0.66-1","pulp-0.0.67-1","pulp-0.0.68-1","pulp-0.0.72-1","pulp-0.0.73-1","pulp-0.0.74-1","pulp-0.0.77-1","pulp-0.0.78-1","pulp-0.0.81-1","pulp-0.0.93-1","pulp-0.0.94-1","pulp-0.0.95-1","pulp-0.0.96-1","pulp-0.0.97-1","pulp-2.1.0-0.1.alpha","pulp-2.1.0-0.10.alpha","pulp-2.1.0-0.11.alpha","pulp-2.1.0-0.12.alpha","pulp-2.1.0-0.13.alpha","pulp-2.1.0-0.14.alpha","pulp-2.1.0-0.15.alpha","pulp-2.1.0-0.16.alpha","pulp-2.1.0-0.17.alpha","pulp-2.1.0-0.18.alpha","pulp-2.1.0-0.19.alpha","pulp-2.1.0-0.2.alpha","pulp-2.1.0-0.3.alpha","pulp-2.1.0-0.4.alpha","pulp-2.1.0-0.5.alpha","pulp-2.1.0-0.6.alpha","pulp-2.1.0-0.7.alpha","pulp-2.1.0-0.8.alpha","pulp-2.1.0-0.9.alpha","pulp-2.2.0-0.1.alpha","pulp-2.2.0-0.10.alpha","pulp-2.2.0-0.11.alpha","pulp-2.2.0-0.12.alpha","pulp-2.2.0-0.13.alpha","pulp-2.2.0-0.14.alpha","pulp-2.2.0-0.16.alpha","pulp-2.2.0-0.2.alpha","pulp-2.2.0-0.3.alpha","pulp-2.2.0-0.4.alpha","pulp-2.2.0-0.5.alpha","pulp-2.2.0-0.6.alpha","pulp-2.2.0-0.7.alpha","pulp-2.2.0-0.8.alpha","pulp-2.2.0-0.9.alpha","pulp-2.3.0-0.1.alpha","pulp-2.3.0-0.10.alpha","pulp-2.3.0-0.2.alpha","pulp-2.3.0-0.3.alpha","pulp-2.3.0-0.4.alpha","pulp-2.3.0-0.5.alpha","pulp-2.3.0-0.6.alpha","pulp-2.3.0-0.7.alpha","pulp-2.3.0-0.8.alpha","pulp-2.3.0-0.9.alpha","pulp-2.4.0-0.10.beta","pulp-2.4.0-0.11.beta","pulp-2.4.0-0.12.beta","pulp-2.4.0-0.13.beta","pulp-2.4.0-0.15.beta","pulp-2.4.0-0.16.beta","pulp-2.4.0-0.17.beta","pulp-2.4.0-0.18.beta","pulp-2.4.0-0.19.beta","pulp-2.4.0-0.20.beta","pulp-2.4.0-0.21.beta","pulp-2.4.0-0.22.beta","pulp-2.4.0-0.23.beta","pulp-2.4.0-0.24.beta","pulp-2.4.0-0.25.beta","pulp-2.4.0-0.26.beta","pulp-2.4.0-0.27.beta","pulp-2.4.0-0.28.beta","pulp-2.4.0-0.29.beta","pulp-2.4.0-0.3.alpha","pulp-2.4.0-0.30.beta","pulp-2.4.0-0.4.alpha","pulp-2.4.0-0.5.alpha","pulp-2.4.0-0.6.alpha","pulp-2.4.0-0.7.alpha","pulp-2.4.0-0.7.beta","pulp-2.4.0-0.9.beta","pulp-2.7.0-0.1.alpha","pulp-2.8.0-0.1.beta","pulp-2.8.0-0.2.beta","pulp-2.8.0-0.3.beta","pulp-2.8.0-0.4.beta","pulp-2.8.0-0.5.beta","pulp-2.8.0-0.6.beta","pulp-2.8.1-0.1.beta","pulp-2.8.1-0.2.rc","pulp-2.8.1-1","pulp-2.8.2-1","pulp-builtins-0.0.296-1","pulp-builtins-0.0.300-1","pulp-builtins-0.0.301-1","pulp-builtins-0.0.302-1","pulp-builtins-0.0.303-1","pulp-builtins-0.0.304-1","pulp-builtins-0.0.305-1","pulp-builtins-0.0.306-1","pulp-builtins-0.0.324-1","pulp-builtins-0.0.326-1","pulp-builtins-0.0.327-1","pulp-builtins-0.0.331-1","pulp-builtins-0.0.332-1","pulp-builtins-0.0.333-1","pulp-builtins-0.0.334-1","pulp-builtins-0.0.335-1","pulp-builtins-0.0.336-1","pulp-builtins-0.0.337-1","pulp-builtins-0.0.338-1","pulp-builtins-0.0.339-1","pulp-builtins-0.0.340-1","pulp-builtins-0.0.341-1","pulp-builtins-2.1.0-0.1.alpha","pulp-builtins-2.1.0-0.10.alpha","pulp-builtins-2.1.0-0.11.alpha","pulp-builtins-2.1.0-0.12.alpha","pulp-builtins-2.1.0-0.13.alpha","pulp-builtins-2.1.0-0.14.alpha","pulp-builtins-2.1.0-0.15.alpha","pulp-builtins-2.1.0-0.16.alpha","pulp-builtins-2.1.0-0.17.alpha","pulp-builtins-2.1.0-0.18.alpha","pulp-builtins-2.1.0-0.19.alpha","pulp-builtins-2.1.0-0.2.alpha","pulp-builtins-2.1.0-0.3.alpha","pulp-builtins-2.1.0-0.4.alpha","pulp-builtins-2.1.0-0.5.alpha","pulp-builtins-2.1.0-0.6.alpha","pulp-builtins-2.1.0-0.7.alpha","pulp-builtins-2.1.0-0.8.alpha","pulp-builtins-2.1.0-0.9.alpha","pulp-builtins-2.2.0-0.1.alpha","pulp-builtins-2.2.0-0.10.alpha","pulp-builtins-2.2.0-0.11.alpha","pulp-builtins-2.2.0-0.12.alpha","pulp-builtins-2.2.0-0.13.alpha","pulp-builtins-2.2.0-0.14.alpha","pulp-builtins-2.2.0-0.16.alpha","pulp-builtins-2.2.0-0.2.alpha","pulp-builtins-2.2.0-0.3.alpha","pulp-builtins-2.2.0-0.4.alpha","pulp-builtins-2.2.0-0.5.alpha","pulp-builtins-2.2.0-0.6.alpha","pulp-builtins-2.2.0-0.7.alpha","pulp-builtins-2.2.0-0.8.alpha","pulp-builtins-2.2.0-0.9.alpha","pulp-builtins-2.3.0-0.1.alpha","pulp-builtins-2.3.0-0.2.alpha","pulp-builtins-2.3.0-0.3.alpha","pulp-builtins-2.3.0-0.4.alpha","pulp-builtins-2.3.0-0.5.alpha","pulp-builtins-2.3.0-0.6.alpha","pulp-builtins-2.3.0-0.7.alpha","pulp-citrus-2.1.0-0.10.alpha","pulp-citrus-2.1.0-0.2.alpha","pulp-citrus-2.1.0-0.3.alpha","pulp-citrus-2.1.0-0.4.alpha","pulp-citrus-2.1.0-0.5.alpha","pulp-citrus-2.1.0-0.6.alpha","pulp-citrus-2.1.0-0.7.alpha","pulp-citrus-2.1.0-0.8.alpha","pulp-citrus-2.1.0-0.9.alpha","pulp-nodes-2.1.0-0.12.alpha","pulp-nodes-2.1.0-0.13.alpha","pulp-nodes-2.1.0-0.14.alpha","pulp-nodes-2.1.0-0.15.alpha","pulp-nodes-2.1.0-0.16.alpha","pulp-nodes-2.1.0-0.17.alpha","pulp-nodes-2.1.0-0.18.alpha","pulp-nodes-2.1.0-0.19.alpha","pulp-nodes-2.2.0-0.1.alpha","pulp-nodes-2.2.0-0.10.alpha","pulp-nodes-2.2.0-0.11.alpha","pulp-nodes-2.2.0-0.12.alpha","pulp-nodes-2.2.0-0.13.alpha","pulp-nodes-2.2.0-0.14.alpha","pulp-nodes-2.2.0-0.16.alpha","pulp-nodes-2.2.0-0.2.alpha","pulp-nodes-2.2.0-0.3.alpha","pulp-nodes-2.2.0-0.5.alpha","pulp-nodes-2.2.0-0.8.alpha","pulp-nodes-2.2.0-0.9.alpha","pulp-nodes-2.3.0-0.1.alpha","pulp-nodes-2.3.0-0.10.alpha","pulp-nodes-2.3.0-0.2.alpha","pulp-nodes-2.3.0-0.3.alpha","pulp-nodes-2.3.0-0.4.alpha","pulp-nodes-2.3.0-0.5.alpha","pulp-nodes-2.3.0-0.6.alpha","pulp-nodes-2.3.0-0.7.alpha","pulp-nodes-2.3.0-0.8.alpha","pulp-nodes-2.3.0-0.9.alpha","pulp-nodes-2.4.0-0.10.beta","pulp-nodes-2.4.0-0.11.beta","pulp-nodes-2.4.0-0.12.beta","pulp-nodes-2.4.0-0.13.beta","pulp-nodes-2.4.0-0.15.beta","pulp-nodes-2.4.0-0.16.beta","pulp-nodes-2.4.0-0.17.beta","pulp-nodes-2.4.0-0.18.beta","pulp-nodes-2.4.0-0.19.beta","pulp-nodes-2.4.0-0.20.beta","pulp-nodes-2.4.0-0.21.beta","pulp-nodes-2.4.0-0.22.beta","pulp-nodes-2.4.0-0.23.beta","pulp-nodes-2.4.0-0.24.beta","pulp-nodes-2.4.0-0.25.beta","pulp-nodes-2.4.0-0.26.beta","pulp-nodes-2.4.0-0.27.beta","pulp-nodes-2.4.0-0.28.beta","pulp-nodes-2.4.0-0.29.beta","pulp-nodes-2.4.0-0.3.alpha","pulp-nodes-2.4.0-0.30.beta","pulp-nodes-2.4.0-0.4.alpha","pulp-nodes-2.4.0-0.5.alpha","pulp-nodes-2.4.0-0.6.alpha","pulp-nodes-2.4.0-0.7.alpha","pulp-nodes-2.4.0-0.7.beta","pulp-nodes-2.4.0-0.9.beta","pulp-puppet-0.0.331-1","pulp-rpm-0.0.296-1","pulp-rpm-0.0.300-1","pulp-rpm-0.0.301-1","pulp-rpm-0.0.302-1","pulp-rpm-0.0.303-1","pulp-rpm-0.0.304-1","pulp-rpm-0.0.305-1","pulp-rpm-0.0.306-1","pulp-rpm-0.0.324-1","pulp-rpm-0.0.326-1","pulp-rpm-0.0.327-1","pulp-rpm-0.0.331-1","pulp-rpm-product-0.0.298-1","pulp-rpm-product-0.0.300-1","pulp-rpm-product-0.0.301-1","pulp-rpm-product-0.0.302-1","pulp-rpm-product-0.0.303-1","pulp-rpm-product-0.0.304-1","pulp-rpm-product-0.0.305-1","pulp-rpm-product-0.0.306-1","pulp-rpm-product-0.0.324-1","pulp-rpm-product-0.0.326-1","pulp-rpm-product-0.0.327-1","pulp-rpm-product-0.0.331-1","pulp-rpm-product-0.0.332-1","pulp-rpm-product-0.0.333-1","pulp-rpm-product-0.0.334-1","pulp-rpm-product-0.0.335-1","pulp-rpm-product-0.0.336-1","pulp-rpm-product-0.0.337-1","pulp-rpm-product-0.0.338-1","pulp-rpm-product-0.0.339-1","pulp-rpm-product-0.0.340-1","pulp-test-package-0.2.1-1","pulp-test-package-0.3.1-1","pulp-test-package-0.4.1-1","pymongo-1.9-9","python-amqp-1.4.4-1","python-amqp-1.4.5-1","python-billiard-3.3.0.17-1","python-celery-3.1.11-1","python-greenlet-0.3.1-3","python-greenlet-0.3.1-4","python-greenlet-0.3.1-5","python-greenlet-0.3.1-6","python-greenlet-0.3.1-7","python-isodate-0.4.4-1","python-isodate-0.4.4-4.pulp","python-isodate-0.4.4-5.pulp","python-isodate-0.4.5-1","python-isodate-0.4.6-1","python-kombu-3.0.13-1.pulp","python-kombu-3.0.15-1.pulp","python-kombu-3.0.15-11.pulp","python-kombu-3.0.15-13.pulp","python-kombu-3.0.15-2.pulp","python-kombu-3.0.15-3.pulp","python-kombu-3.0.15-4.pulp","python-kombu-3.0.24-10.pulp","python-mongoengine-0.10.5-1","python-mongoengine-0.7.10-2","python-nectar-0.90.2-1","python-nectar-0.90.3-1","python-nectar-0.90.3-2","python-nectar-0.97.0-1","python-oauth2-1.2.1-1","python-oauth2-1.2.1-2","python-oauth2-1.2.1-3","python-oauth2-1.5.170-3.pulp","python-okaara-1.0.10-1","python-okaara-1.0.11-1","python-okaara-1.0.12-1","python-okaara-1.0.14-1","python-okaara-1.0.18-1","python-okaara-1.0.18-2","python-okaara-1.0.25-1","python-okaara-1.0.6-1","python-okaara-1.0.7-1","python-okaara-1.0.8-1","python-okaara-1.0.9-1","python-pymongo-3.2-1","python-qpid-0.7.946106-1","python-qpid-0.7.946106-2","python-qpid-0.7.946107-1","python-requests-2.2.1-1","python-rhsm-0.96.4-2","python-semantic-version-2.2.0-2","python-semantic-version-2.2.0-3","python-semantic_version-2.2.0-4","python-semantic_version-2.2.0-5","python-semantic_version-2.2.0-6","python-webpy-0.32-8","python-webpy-0.32-9","python-webpy-0.33-1","python-webpy-0.34-1","python-webpy-0.37-3","repo-reorganiation","sticker-2015-03-30"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3108.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}