VDB
GCVE-110-MAGEIA-2023-297
GCVE-110-MAGEIA-2023-297
Advisory Published
Cadence through 0.9.2 2023-08-21 uses an Insecure
/tmp/.cadence-aloop-daemon.x Temporary File. The file is used even if it
has been created by a local adversary before Cadence started. The
adversary can then delete the file, disrupting Cadence. (CVE-2023-43782)
Cadence through 0.9.2 2023-08-21 uses an Insecure
/tmp/cadence-wineasio.reg Temporary File. The filename is used even if
it has been created by a local adversary before Cadence started. The
adversary can leverage this to create or overwrite files via a symlink
attack. In some kernel configurations, code injection into the Wine
registry is possible. (CVE-2023-43783)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | cadence | 0 (affected), 0.9.1-7.1.mga9 (unaffected) | — |
| Mageia | cadence | 0 (affected), 0.9.1-3.1.mga8 (unaffected) | — |
Aliases
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.