SUSE CVE-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

BIT-PYTHON-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

CVE-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

CVE-2024-4030

CVE-2024-4030 affects Python’s tempfile.mkdtemp on Windows due to missing Unix permissions support. The vulnerability arises because a directory created by mkdtemp() on Windows could inherit permissive access from the base location, potentially allowing other users to read/write. The fix adds sup...

PSF-2024-3

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

PT-2024-7267 · Python +1 · Python +1

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.13 Description: The issue is related to the tempfile.mkdtemp function in Python, which on Windows, may not always set the correct permissions for the temporary directory, allowing other users to read and write to it...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in python that stems from Python's lack of support for Unix permissions on Windows...

SUSE CVE-2022-23563

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

Insecure temporary file in Tensorflow

Impact In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in mktemp and the actual creation of the file by a...

CVE-2022-23563

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

Stack overflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

CVE-2022-23563 Insecure temporary file in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

Fedora 22 : kdelibs3-3.5.10-71.fc22 (2015-2f4b92ed2e)

Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...

Fedora 23 : kdelibs3-3.5.10-71.fc23 (2015-6e50918d8e)

Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...

Debian DLA-367-1 : kdelibs security update

It has been reported that kdelibs uses the insecure mktemp function to create the temporary directory it uses to host user-specific sockets. It is thus possible for another user to hijack this temporary directory and gain socket accesses it should not have. In Debian 6 'Squeeze', this issue has...

[SECURITY] [DLA 367-1] kdelibs security update

Package : kdelibs Version : 3.5.10.dfsg.1-5+deb6u1 CVE ID : CVE-2015-7543 It has been reported that kdelibs uses the insecure mktemp function to create the temporary directory it uses to host user-specific sockets. It is thus possible for another user to hijack this temporary directory and gain...

[SECURITY] [DLA 366-1] arts security update

Package : arts Version : 1.5.9-3+deb6u1 CVE ID : CVE-2015-7543 It has been reported that arts uses the insecure mktemp function to create the temporary directory it uses to host user-specific sockets. It is thus possible for another user to hijack this temporary directory and gain IPC access it...

PulseAudio setuid - Local Privilege Escalation

PulseAudio setuid - Local Privilege Escalation !/bin/bash pulseaudio=which pulseaudio workdir="/tmp" workdir=$HOME id=which id shell=which sh trap cleanup INT function cleanup rm -f $workdir/sh $workdir/sh.c $workdir/parace $workdir/parace.c rm -rf $workdir/PATMP cat $workdir/parace.c include...