Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for pyro by pyro_project
CVE-2011-2765 (GCVE-0-2011-2765)
Vulnerability from cvelistv5 – Published: 2018-08-20 13:00 – Updated: 2024-09-16 19:00
VLAI
Title
Insecure temporary file handling
Summary
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/irmen/Pyro3/commit/554e095a62c… | x_refsource_CONFIRM |
| https://pythonhosted.org/Pyro/12-changes.html | x_refsource_CONFIRM |
| https://bugs.debian.org/631912 | x_refsource_CONFIRM |
Date Public
2011-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:30.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/631912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-20T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/631912"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure temporary file handling",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2011-08-21T22:57:00.000Z",
"ID": "CVE-2011-2765",
"STATE": "PUBLIC",
"TITLE": "Insecure temporary file handling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e",
"refsource": "CONFIRM",
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"name": "https://pythonhosted.org/Pyro/12-changes.html",
"refsource": "CONFIRM",
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"name": "https://bugs.debian.org/631912",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/631912"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2765",
"datePublished": "2018-08-20T13:00:00.000Z",
"dateReserved": "2011-07-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:00:40.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2765 (GCVE-0-2011-2765)
Vulnerability from nvd – Published: 2018-08-20 13:00 – Updated: 2024-09-16 19:00
VLAI
Title
Insecure temporary file handling
Summary
pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/irmen/Pyro3/commit/554e095a62c… | x_refsource_CONFIRM |
| https://pythonhosted.org/Pyro/12-changes.html | x_refsource_CONFIRM |
| https://bugs.debian.org/631912 | x_refsource_CONFIRM |
Date Public
2011-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:30.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/631912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-20T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/631912"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure temporary file handling",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2011-08-21T22:57:00.000Z",
"ID": "CVE-2011-2765",
"STATE": "PUBLIC",
"TITLE": "Insecure temporary file handling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e",
"refsource": "CONFIRM",
"url": "https://github.com/irmen/Pyro3/commit/554e095a62c4412c91f981e72fd34a936ac2bf1e"
},
{
"name": "https://pythonhosted.org/Pyro/12-changes.html",
"refsource": "CONFIRM",
"url": "https://pythonhosted.org/Pyro/12-changes.html"
},
{
"name": "https://bugs.debian.org/631912",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/631912"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2765",
"datePublished": "2018-08-20T13:00:00.000Z",
"dateReserved": "2011-07-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:00:40.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}