This security advisory describes one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue. A remote user can create a specially crafted symbolic link to and write files outside a repository.Mitigation
Update the affected packages.
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.