What is CVE-2024-55566?

CVE-2024-55566 is a medium-severity vulnerability in N/a, classified under Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG). CVSS score: 6.6/10. Published 2024-12-09.

How severe is CVE-2024-55566?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Vulnerability in N/a

CVE-2024-55566

ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.

EPSS: 0.000 (13.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H.

Affected products

N/a — versions n/a

Weakness classification (CWE)

CWE-335 — Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

References

bugzilla.suse.com/show_bug.cgi
github.com/CSCsw/ColPack/blob/9a7293a8dfd66a60434496b8df5ebb4274d70339/src/Util…
cwe.mitre.org/data/definitions/335.html

Frequently asked questions

What is CVE-2024-55566?: CVE-2024-55566 is a medium-severity vulnerability in N/a, classified under Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG). CVSS score: 6.6/10. Published 2024-12-09.
How severe is CVE-2024-55566?: Medium severity. CVSS v3 base score is 6.6 out of 10.