medium severity
Do your applications use this vulnerable package?
Test your applications
Overview
Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2019-12450: file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. 1719141: CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress
References
- CVE
- ALAS2-2019-1289
- Snyk ID
- SNYK-AMZN2-GLIB2-484723
- Published
- 13 Nov, 2019