210 matches found
CVE-2008-7273
A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling...
Alibaba Cloud Linux 3 : 0111: python3 (ALINUX3-SA-2024:0111)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0111 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-6597: An issue was found in the...
gix-fs (>=0.1.0 <=0.9.1), gix-lock (>=5.0.0 <=12.0.1) +1 more potentially affected by CVE-2025-31130 via gix-features (>=0.29.0 <=0.37.2)
gix-features CARGO version =0.29.0, =0.1.0, =5.0.0, =5.0.3, =12.0.1 Source cves: CVE-2025-31130 Source advisory: OSV:GHSA-2FRX-2596-X5R6...
gix-fs (>=0.1.0 <=0.9.1), gix-lock (>=5.0.0 <=12.0.1) +1 more potentially affected by CVE-2025-31130 via gix-features (>=0.29.0 <=0.37.2)
gix-features CARGO version =0.29.0, =0.1.0, =5.0.0, =5.0.3, =12.0.1 Source cves: CVE-2025-31130 Source advisory: OSV:RUSTSEC-2025-0021...
SUSE CVE-2023-43123
On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method...
BIT-PYTHON-MIN-2023-6597
An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...
CVE-2023-42225
Pat Infinite Solutions HelpdeskAdvanced = 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function...
CVE-2024-54661
readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file...
assemblylift-cli (>=0.4.0-alpha.5 <=0.4.0-alpha.11), assemblylift-core (>=0.4.0-alpha.10 <=0.4.0-alpha.11) +93 more potentially affected by CVE-2024-51756 via cap-primitives (>=0.10.0 <=3.0.0)
cap-primitives CARGO version =0.10.0, =0.4.0-alpha.5, =0.4.0-alpha.10, =0.1.0, =0.3.0, =0.1.0, =0.7.0, =1.0.11, =0.1.0, =0.1.1, =0.1.0, =0.3.0, =0.5.2, =0.1.1, =0.1.0, =0.1.0, =0.2.3 and more Source cves: CVE-2024-51756 Source advisory: OSV:RUSTSEC-2024-0445...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.102001)
The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.102001 advisory. - squashfsopendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability...
Security Bulletin: Vulnerability in Python affects watsonx.data
Summary Python could provide weaker than expected security caused by an issue with tempfile. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-6597 DESCRIPTION: Python could provide weaker than expected security, caused by an issue with tempfile.TemporaryDirectory fails removing...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
Important: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
EulerOS Virtualization 2.11.1 : python3 (EulerOS-SA-2024-2172)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-2172)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
RHEL 9 : python3.11 (RHSA-2024:4896)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4896 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
Important: python3
Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...