---

CVE-2016-8605 - log back

CVE-2016-8605 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Local
Type	+ Information disclosure
Description	+ The mkdir procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777.
References	+ https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00009.html
Notes