Incorrect validation of temporary filenames
A bug in MISP Malware Information Sharing Platform introduces an unsafe temporary file creation vulnerability.
MISP versions below 2.3.92 are vulnerable. This vulnerability is fixed in version 2.3.92.
CIRCL would like to thank the reporter (Davy Stoffel from Conostix) for his security review.
Classification of this document
TLP:WHITE information may be distributed without restriction, subject to copyright controls.
- Version 1.0 - TLP:WHITE - First version (20150804)