EPSS
Percentile
5.1%
Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.
/tmp
PYTHONPATH
/tmp/
github.com/cheetahtemplate/cheetah
nvd.nist.gov/vuln/detail/CVE-2005-1632
web.archive.org/web/20050430021153/sourceforge.net/mailarchive/forum.php?thread_id=7070332&forum_id=1542