CVE-2016-7064
https://notcve.org/view.php?id=CVE-2016-7064
A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage Se encontró un fallo en pritunl-client versiones anteriores a 1.0.1116.6. Una falta de verificación de firma conlleva a un filtrado de información confidencial • https://github.com/pritunl/pritunl-client-electron/releases/tag/1.0.1116.6 https://lf.lc/CVE-2016-7064.txt • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2016-7063
https://notcve.org/view.php?id=CVE-2016-7063
A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation. Se encontró un fallo en pritunl-client versiones anteriores a 1.0.1116.6. La escritura arbitraria en una ruta especificada por el usuario puede conllevar a una escalada de privilegios • https://github.com/pritunl/pritunl-client-electron/releases/tag/1.0.1116.6 https://github.com/pritunl/pritunl-client-electron/releases/tag/1.0.1116.6%2C https://lf.lc/CVE-2016-7063.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •