{"id":"CVE-2017-8108","details":"Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.","modified":"2026-03-15T22:24:44.231926Z","published":"2017-06-08T16:29:00.467Z","related":["openSUSE-SU-2024:11032-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJXMPYANXHI25NQZ36QMXNXANDRAA5YG/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJHLLWNW7NASVXCK24YBSIUQQPWGCMB5/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/99288"},{"type":"ADVISORY","url":"https://cisofy.com/security/cve/cve-2017-8108/"},{"type":"ADVISORY","url":"https://github.com/CISOfy/lynis/releases/tag/2.5.0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cisofy/lynis","events":[{"introduced":"0"},{"fixed":"d012f817ac3e7542956b976066de3db6d3a5a472"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.5.0"}]}}],"versions":["1.6.1","1.6.2","1.6.3","1.6.4","2.0.0","2.1.0","2.1.1","2.2.0","2.3.0","2.3.1","2.3.2","2.3.3","2.3.4","2.4.0","2.4.1","2.4.2","2.4.3","2.4.4","2.4.5","2.4.6","2.4.7","2.4.8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8108.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}