Lucene search
GitHub Advisory DatabaseGHSA-282V-666C-3FVGHistoryMay 18, 2023 - 6:30 p.m.
transformers has Insecure Temporary File
2023-05-1818:30:35
CWE-377
GitHub Advisory Database
github.com
11
github
repository
huggingface/transformers
software
fix
version 4.30.0
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
Insecure Temporary File in GitHub repository huggingface/transformers 4.29.2 and prior. A fix is available at commit 80ca92470938bbcc348e2d9cf4734c7c25cb1c43 and has been released as part of version 4.30.0.
Affected configurations
Node
huggingfacetransformersRange<4.30.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huggingface | transformers | * | cpe:2.3:a:huggingface:transformers:*:*:*:*:*:*:*:* |
Related
huntr
huntr
Insecure Temporary File
2023-01-05 13:42:55
cvelist
cvelist
CVE-2023-2800 Insecure Temporary File in huggingface/transformers
2023-05-18 00:00:00
osv
osv
transformers has Insecure Temporary File
2023-05-18 18:30:35
CVE-2023-2800
2023-05-18 17:15:08
cve
cve
CVE-2023-2800
2023-05-18 17:15:08
veracode
veracode
Insecure Temporary File
2023-05-19 05:03:18
ibm
ibm
nvd
nvd
CVE-2023-2800
2023-05-18 17:15:08
prion
prion
Design/Logic Flaw
2023-05-18 17:15:00
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.0%
Related for GHSA-282V-666C-3FVG