Описание
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| logilab-common | fixed | 0.61.0-1 | package | |
| logilab-common | no-dsa | squeeze | package | |
| logilab-common | no-dsa | wheezy | package |
EPSS
Процентиль: 19%
0.00061
Низкий
Связанные уязвимости
ubuntu
почти 12 лет назад
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
nvd
почти 12 лет назад
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
CVSS3: 5.6
github
больше 3 лет назад
Creation of Temporary File With Insecure Permissions in logilab-commons
EPSS
Процентиль: 19%
0.00061
Низкий