CVE-2014-8991

Published: Nov 24, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20141117 Requesting a CVE for pip - Local DoS with predictable temp directory names

mailing-list

x_refsource_MLIST

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

x_refsource_CONFIRM

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725847

x_refsource_CONFIRM

71209

vdb-entry

x_refsource_BID

[oss-security] 20141120 Re: Requesting a CVE for pip - Local DoS with predictable temp directory names

mailing-list

x_refsource_MLIST

https://github.com/pypa/pip/pull/2122

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-8991

Description

Affected Products

References