How severe is CVE-2024-10372?

This vulnerability has a severity rating of LOW with a CVSS score of 3.6 out of 10.

What type of vulnerability is CVE-2024-10372?

This is classified as CWE-377, which is a common weakness in software security.

CVE-2024-10372

LOW Year: 2024

CVSS v3 Score

3.6

Low

CVSS v2 Score

3.5

Low

Weakness Type

CWE-377

View all →

Vulnerability Description

A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. This vulnerability affects the function download_model of the file buzz/model_loader.py. The manipulation leads to insecure temporary file. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2021-25316

LOW

CVSS:3.3(Low)

A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affect...

CWE-3772021

CVE-2020-1994

MEDIUM

CVSS:4.4(Medium)

A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: Al...

CWE-3772020

CVE-2020-8030

MEDIUM

CVSS:4.4(Medium)

A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitra...

CWE-3772020

CVE-2021-46705

MEDIUM

CVSS:4.4(Medium)

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linu...

CWE-3772021

CVE-2024-2313

LOW

CVSS:2.8(Low)

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux dis...

CWE-3772024

CVE-2018-19638

MEDIUM

CVSS:4.7(Medium)

In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to coll...

CWE-3772018

CVE-2024-10372

Vulnerability Description

Related Vulnerabilities

CVE-2021-25316

CVE-2020-1994

CVE-2020-8030

CVE-2021-46705

CVE-2024-2313

CVE-2018-19638