6 matches found
CVE-2023-49797
creationtimestamp| type| source ---|---|--- 2024-01-01 07:56:39+00:00| published-proof-of-concept| https://t.me/ctinow/161218 2024-12-03 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1641/...
Fedora 39 : rdiff-backup (2023-3909a0ab0e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3909a0ab0e advisory. Rebuild for pyinstall CVE-2023-49797 BZ2253844 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...
Fedora 38 : rdiff-backup (2023-0fb94a1209)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0fb94a1209 advisory. Rebuild for pyinstall CVE-2023-49797 BZ2253844 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...
ak-frame-extractor (>=1.0.0 <=1.1.0), apollo-sdk (>=0.2.4 <=0.2.11) +66 more potentially affected by CVE-2023-49797 via pyinstaller (>=3.0.0 <=5.13.0)
pyinstaller PYPI version =3.0.0, =1.0.0, =0.2.4, =0.1.0, =0.3.6, =0.1.0, =0.0.35, =0.0.13, =0.0.2, =0.8.2, =0.8.6 - faky =1.0.0 and more Source cves: CVE-2023-49797 Source advisory: OSV:PYSEC-2023-292...
CVE-2023-49797
CVE-2023-49797 affects PyInstaller-packaged Python apps and can lead to deletion of files in a privileged process under specific conditions (matplotlib or win32com present, run as administrator, and unprotected TEMP directory). Root cause: unprotected temporary file handling allows timing or dire...
CVE-2023-49797 Local Privilege Escalation in pyinstaller on Windows
PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...