David Holland

**Name of the Vulnerable Software and Affected Versions** caml-light versions 0.75 and earlier **Description** The issue arises from the insecure use of mktemp() in caml-light, along with unsafe operations performed in the /tmp directory during the make install process. **Recommendations** For caml-light version 0.75 and earlier, consider updating to a version that securely utilizes mktemp() and avoids unsafe operations in /tmp to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** isearch versions prior to 1.47.01nb1 **Description** The issue concerns the creation of insecure temporary files in a publicly-writable area, specifically /tmp, due to the use of the tempnam() function. **Recommendations** For versions prior to 1.47.01nb1, update to version 1.47.01nb1 or later to resolve the issue.