9.6 High
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.4%
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution.
www.securityfocus.com/bid/104857
access.redhat.com/errata/RHSA-2018:2373
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870