LAYER: meta PACKAGE NAME: readline PACKAGE VERSION: 8.2 CVE: CVE-2014-2524 CVE STATUS: Patched CVE SUMMARY: The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file. CVSS v2 BASE SCORE: 3.3 CVSS v3 BASE SCORE: 0.0 VECTOR: LOCAL VECTORSTRING: AV:L/AC:M/Au:N/C:N/I:P/A:P MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2014-2524