{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2014-02-26T14:55:08Z",
  "id": "CVE-2014-2095",
  "details": "Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory.",
  "references": [
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1069396"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/02/25/2"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/02/25/4"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958"
    }
  ]
}