Insecure Temporary File

transformers is vulnerable to Insecure Temporary Files. The vulnerability exists inside downloadurl due to the use of deprecated function tempfile.mktemp which creates temporary file names that are fundamentally insecure, as they do not ensure exclusive access to a file with the temporary name th...

Insecure Temporary File

horovod is vulnerable to an insecure temporary file usage. When invoking vulnerable tempfile.mktemp function an attacker is able to create a malicious file with a different process inside the system...

Insecure Temporary File in mlflow

mlflow prior to 1.23.1 contains an insecure temporary file. The insecure function tempfile.mktemp is deprecated and mkstemp should be used instead...

CVE-2022-23563 Insecure temporary file in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in...

CVE-2014-1839

The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...

CVE-2014-1839

The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...

CVE-2014-1839

CVE-2014-1839 affects logilab-common (shellutils) before version 0.61.0. The Execute class in shellutils uses tempfile.mktemp, enabling local users to pre-create the temporary file and potentially impact the system. The vulnerability is local in scope with partial confidentiality/integrity/availa...