SUSE CVE-2022-23563

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

GHSA-VQJ2-4V8M-8VRQ Insecure Temporary File in mlflow

mlflow prior to 1.23.1 contains an insecure temporary file. The insecure function tempfile.mktemp is deprecated and mkstemp should be used instead...

Mlflow 安全漏洞

Mlflow is an open source platform for machine learning lifecycles. A security vulnerability exists in Mlflow that stems from the product's tempfile.mktemp function failing to properly handle multi-process state. The vulnerability allows an attacker to create a temporary file with the same name. T...

PT-2022-13398 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 1.23.1 Description: The issue is related to an insecure temporary file in the GitHub repository mlflow/mlflow. The tempfile.mktemp function is deprecated and should be replaced with mkstemp. Recommendations: For...

Insecure temporary file in Tensorflow

Impact In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in mktemp and the actual creation of the file by a...

GHSA-WC4G-R73W-X8MM Insecure temporary file in Tensorflow

Impact In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in mktemp and the actual creation of the file by a...

CVE-2022-23563

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

Stack overflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

PT-2022-16079 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.0 will be patched in 2.7.1 TensorFlow versions 2.6.0 through 2.6.2 will be patched in 2.6.3 TensorFlow versions 2.5.0 through 2.5.2 will be patched in 2.5.3 Description:...

Google Tensorflow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from TensorFlow's use of tempfile.mktemp to create temporary files. No detailed vulnerability details are available...

CVE-2011-4119

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

Code injection

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

CVE-2011-4119

CVE-2011-4119 affects caml-light

CVE-2011-4119

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

Caml-light 安全漏洞

Caml-Light is an older, open source lightweight implementation of the core Caml language from the Caml team. Caml-light suffers from a security vulnerability that stems from Caml-light = 0.75 using mktemp insecurely and doing unsafe things in TMP during make install...

CVE-2015-5701

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700...

Fedora 22 : kdelibs3-3.5.10-71.fc22 (2015-2f4b92ed2e)

Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...

Fedora 23 : kdelibs3-3.5.10-71.fc23 (2015-6e50918d8e)

Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...

Debian DLA-367-1 : kdelibs security update

It has been reported that kdelibs uses the insecure mktemp function to create the temporary directory it uses to host user-specific sockets. It is thus possible for another user to hijack this temporary directory and gain socket accesses it should not have. In Debian 6 'Squeeze', this issue has...

[SECURITY] [DLA 367-1] kdelibs security update

Package : kdelibs Version : 3.5.10.dfsg.1-5+deb6u1 CVE ID : CVE-2015-7543 It has been reported that kdelibs uses the insecure mktemp function to create the temporary directory it uses to host user-specific sockets. It is thus possible for another user to hijack this temporary directory and gain...