Back to search
CVE-2014-1858
Published: Jan 8, 2018
Modified: Aug 6, 2024
PUBLISHED
Description
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2014-2387
vendor-advisory
x_refsource_FEDORA
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737778
x_refsource_CONFIRM
https://github.com/numpy/numpy/pull/4262
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1062009
x_refsource_CONFIRM
65441
vdb-entry
x_refsource_BID
numpy-cve20141858-symlink(91318)
vdb-entry
x_refsource_XF
[oss-security] 20140207 Re: CVE request: f2py insecure temporary file use
mailing-list
x_refsource_MLIST
FEDORA-2014-2289
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now