GHSA-xrr4-74mc-rpjc

Published: 21 Aug 2018
Source: github
Github: Reviewed
CVSS3: 7.5

Description

Pyro mishandles pid files in temporary directory locations and opens the pid file as root

pyro before 3.15 unsafely handles pid files in temporary directory locations and opens the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
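
The CWE-59 pattern described above, shown beside a hardened pid-file writer. This is an added example, not Pyro's code and not the 3.15 fix; the function names, file names and pid value are constructed for illustration.

```python
import os
import tempfile


def naive_write_pidfile(path, pid=None):
    """Unsafe pattern: open() follows a symlink at `path` and truncates its target."""
    pid = os.getpid() if pid is None else pid
    with open(path, "w") as fh:
        fh.write(f"{pid}\n")


def write_pidfile(path, pid=None):
    """Create the pid file only if nothing exists at `path`.

    O_CREAT|O_EXCL fails when a file or symlink (even a dangling one) is
    already there; O_NOFOLLOW is a second guard on the final path component.
    """
    pid = os.getpid() if pid is None else pid
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(f"{pid}\n")


def demo():
    """Constructed scenario: a symlink already sits at the pid file path."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "important.conf")  # stands in for a privileged file
        pidfile = os.path.join(d, "daemon.pid")     # predictable name in a shared dir
        for name, writer in (("naive", naive_write_pidfile), ("safe", write_pidfile)):
            with open(target, "w") as fh:
                fh.write("original\n")
            os.symlink(target, pidfile)
            try:
                writer(pidfile, pid=4242)
                refused = False
            except OSError:
                refused = True
            with open(target) as fh:
                results[name] = (refused, fh.read())
            os.unlink(pidfile)
    return results


if __name__ == "__main__":
    print(demo())
```

A daemon running as root is also safer keeping its pid file in a directory only root can write to, rather than a world-writable temporary directory.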

Packages

Name: pyro (pip)
Affected versions: < 3.15
Fixed version: 3.15

EPSS

Percentile: 62%
0.00433
Low

CVSS3

7.5 High

Weaknesses

CWE-59

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 7 years ago

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.

CVSS3: 7.5
nvd
more than 7 years ago

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.

CVSS3: 7.5
debian
more than 7 years ago

pyro before 3.15 unsafely handles pid files in temporary directory loc ...
