58 matches found
Local Privilege Escalation
pyinstaller is vulnerable to Local Privilege Escalation. The vulnerability exists due to insecure directories used in the library, allowing an attacker to delete files on the system if the applications contains either matplotlib or win32com, and the temporary directory is not locked to a specific...
CVE-2023-49797
PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...
PYSEC-2023-292
PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...
PYSEC-2023-292
PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...
GHSA-9W2P-RH8C-V9G5 Local Privilege Escalation in Windows
Impact A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if all the following are satisfied: The user runs an application containing either...
PT-2023-31355 · Unknown +2 · Pyinstaller +3
Name of the Vulnerable Software and Affected Versions: PyInstaller versions prior to 5.13.1 Description: A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. This...
MAL-2023-1377 Malicious code in matplotlib-req (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bd93a03dd511f9d7c410511963475b420e4509248f52573f9dbcb75147a43d8a The OpenSSF Package Analysis project identified 'matplotlib-req' @ 17.6.16 pypi as malicious. It is considered malicious because: - The package...
Malicious code in matplotlib-req (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bd93a03dd511f9d7c410511963475b420e4509248f52573f9dbcb75147a43d8a The OpenSSF Package Analysis project identified 'matplotlib-req' @ 17.6.16 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1406 Malicious code in selenium-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c33741bca6736c936d2c0540044a5d38caf6a18b6981e6268da4295f64985a68 The OpenSSF Package Analysis project identified 'selenium-matplotlib' @ 17.9.4 pypi as malicious. It is considered malicious because: - The...
Malicious code in selenium-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c33741bca6736c936d2c0540044a5d38caf6a18b6981e6268da4295f64985a68 The OpenSSF Package Analysis project identified 'selenium-matplotlib' @ 17.9.4 pypi as malicious. It is considered malicious because: - The...
Malicious code in matplotlib-sqlalchemy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1e95f621034f0f8a7815196be16626cb63483120da948a396c70ae3d6e0f14b9 The OpenSSF Package Analysis project identified 'matplotlib-sqlalchemy' @ 16.18.4 pypi as malicious. It is considered malicious because: - The...
MAL-2023-1379 Malicious code in matplotlib-sqlalchemy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1e95f621034f0f8a7815196be16626cb63483120da948a396c70ae3d6e0f14b9 The OpenSSF Package Analysis project identified 'matplotlib-sqlalchemy' @ 16.18.4 pypi as malicious. It is considered malicious because: - The...
Malicious code in scikit-learn-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 14d5e86444b47f8ee729dcf7930f4ba68d938ea99b786e110e5d7bd53f081fa9 The OpenSSF Package Analysis project identified 'scikit-learn-matplotlib' @ 6.12.17 pypi as malicious. It is considered malicious because: - The...
MAL-2023-1405 Malicious code in scikit-learn-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 14d5e86444b47f8ee729dcf7930f4ba68d938ea99b786e110e5d7bd53f081fa9 The OpenSSF Package Analysis project identified 'scikit-learn-matplotlib' @ 6.12.17 pypi as malicious. It is considered malicious because: - The...
Malicious code in matplotlib-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 190845a762334a5ed99d67986a803d15af723991a1dd90af98f6be280284aa02 The OpenSSF Package Analysis project identified 'matplotlib-requests' @ 16.12.4 pypi as malicious. It is considered malicious because: - The...
Malicious code in req-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 42e8fed5a27a6a36519ad623fa6c33db0f7824fc859500c5f049ec26347c2b3c The OpenSSF Package Analysis project identified 'req-matplotlib' @ 11.2.18 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1400 Malicious code in req-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 42e8fed5a27a6a36519ad623fa6c33db0f7824fc859500c5f049ec26347c2b3c The OpenSSF Package Analysis project identified 'req-matplotlib' @ 11.2.18 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1376 Malicious code in matplotlib-flask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 15cce6ca7d9ce0af312425dec9ae608529c322b940526b20135cdcd8673ba31c The OpenSSF Package Analysis project identified 'matplotlib-flask' @ 7.15.10 pypi as malicious. It is considered malicious because: - The packag...
Malicious code in matplotlib-flask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 15cce6ca7d9ce0af312425dec9ae608529c322b940526b20135cdcd8673ba31c The OpenSSF Package Analysis project identified 'matplotlib-flask' @ 7.15.10 pypi as malicious. It is considered malicious because: - The packag...
MAL-2023-1904 Malicious code in matplotliib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 97989f3353db1091509c71884ed621af99fbe48a36ee8b43db3dda830eae5c4b Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...