Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Automake
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3386 1 Gnu 1 Automake 2024-11-21 4.4 MEDIUM N/A
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
CVE-2009-4029 1 Gnu 1 Automake 2024-11-21 4.4 MEDIUM N/A
The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete.