
CVE-2024-4030 – tempfile.mkdtemp() may be readable and writeable by all users on Windows
https://notcve.org/view.php?id=CVE-2024-4030
07 May 2024 — On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions. If you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned direct... • https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a • CWE-276: Incorrect Default Permissions •

CVE-2023-6597 – python: Path traversal on tempfile.TemporaryDirectory
https://notcve.org/view.php?id=CVE-2023-6597
19 Mar 2024 — An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. Se encontró un problema en la clase CPython `tempfile.TemporaryDirectory` que afecta a las versiones 3.12.2,... • http://www.openwall.com/lists/oss-security/2024/03/20/5 • CWE-61: UNIX Symbolic Link (Symlink) Following •

CVE-2024-0450 – Quoted zip-bomb protection for zipfile
https://notcve.org/view.php?id=CVE-2024-0450
19 Mar 2024 — An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive. Se encontró un problema en el módulo `zipfile` de CPython que afecta a las versiones 3.12.2, 3.11.8, 3.10.13, 3.9.18 y 3.8.18 y an... • http://www.openwall.com/lists/oss-security/2024/03/20/5 • CWE-405: Asymmetric Resource Consumption (Amplification) CWE-450: Multiple Interpretations of UI Input •

CVE-2024-21503 – psf/black: ReDoS via the lines_with_leading_tabs_expanded() function in strings.py file
https://notcve.org/view.php?id=CVE-2024-21503
19 Mar 2024 — Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. Las versiones del paquete black anteriores a la 24.3.0 son vu... • https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) CWE-1333: Inefficient Regular Expression Complexity •

CVE-2008-4108
https://notcve.org/view.php?id=CVE-2008-4108
18 Sep 2008 — Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory. Tools/faqwiz/move-faqwiz.sh (también conocido como "la herramienta de movimiento del asistente genérico del FAQ") en Python 2.4.5, puede que permita a usuarios locales sobrescribir ficheros de su elección a tr... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498899 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2008-0299 – Gentoo Linux Security Advisory 200803-7
https://notcve.org/view.php?id=CVE-2008-0299
16 Jan 2008 — common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool. common.py in Paramiko 1.7.1 y versiones anteriores, cuando se utilizan hilos o procesos bifurcados, no utiliza apropiadamente RandomPool, lo cual permite a una sesión obtener información confidencial de otra sesión prediciendo el estado de la pila de conexiones. Dwayne C. Litzenber... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460706 •

CVE-2007-1657 – MiniGZip - Controls File_Compress Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1657
24 Mar 2007 — Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument. Desbordamiento de búfer en la función file_compress en minigzip (Modules/zlib) en Python 2.5 permite a atacantes dependientes del contexto ejecutar código de su elección a través del un argumento de archivo. • https://www.exploit-db.com/exploits/29740 •