CVE-2020-11867

EUVD-2020-4207
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
audacityteamaudacity
𝑥
≤ 2.3.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
audacity
bookworm
3.2.4+dfsg-1
fixed
bullseye
2.4.2~dfsg0-5
fixed
buster
no-dsa
sid
3.6.4+dfsg-1
fixed
stretch
no-dsa
trixie
3.6.4+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
audacity
bionic
needed
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
needed
Common Weakness Enumeration
References
https://github.com/audacity/audacity/releases
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MG5PSF4CJ7UPMJHWX553EG3P2XN3PAYI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKK3S2QBXBHOFOQMXMGY5QAKVUWUX2YY/
https://salvatoresecurity.com/the-many-perils-of-tmp/
https://github.com/audacity/audacity/releases
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MG5PSF4CJ7UPMJHWX553EG3P2XN3PAYI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKK3S2QBXBHOFOQMXMGY5QAKVUWUX2YY/
https://salvatoresecurity.com/the-many-perils-of-tmp/