Lucene search
MitreCVE-2014-8991HistoryNov 24, 2014 - 3:59 p.m.
CVE-2014-8991
2014-11-2415:59:15
mitre
web.nvd.nist.gov
32
2
cve-2014-8991
pip
denial of service
nvd
security vulnerability
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
31.0%
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
Affected configurations
Node
pypapipRange1.3–1.5.6
Node
oraclesolarisMatch11.2
References
Social References
More
Related
debiancve
debiancve
CVE-2014-8991
2014-11-24 15:59:15
ubuntucve
ubuntucve
CVE-2014-8991
2014-11-24 00:00:00
osv
osv
pip lack of randomness in build directory
2022-05-13 01:11:25
PYSEC-2014-11
2014-11-24 15:59:00
mageia
mageia
Updated python-pip packages fix CVE-2014-8991
2015-01-15 00:55:47
cvelist
cvelist
CVE-2014-8991
2014-11-24 15:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0023)
2022-01-28 00:00:00
nvd
nvd
CVE-2014-8991
2014-11-24 15:59:15
prion
prion
Code injection
2014-11-24 15:59:00
github
github
pip lack of randomness in build directory
2022-05-13 01:11:25
ibm
ibm
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
31.0%
Related for CVE-2014-8991