Описание
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.3.1-0ubuntu1 |
| esm-apps/xenial | not-affected | 1.3.1-0ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 1.3.1-0ubuntu1 |
| hardy | DNE | |
| lucid | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | not-affected | 1.3.1-0ubuntu1 |
Показывать по
10
2.1 Low
CVSS2
Связанные уязвимости
nvd
больше 12 лет назад
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
debian
больше 12 лет назад
pip before 1.3 allows local users to overwrite arbitrary files via a s ...
CVSS3: 6.2
github
больше 3 лет назад
Improper Link Resolution Before File Access in pip
2.1 Low
CVSS2