Lucene search
Gentoo FoundationMGASA-2015-0023HistoryJan 15, 2015 - 12:55 a.m.
Updated python-pip packages fix CVE-2014-8991
2015-01-1500:55:47
Gentoo Foundation
advisories.mageia.org
16
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
31.0%
Updated python-pip packages fix security vulnerability: pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user (CVE-2014-8991).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | python-pip | < 1.4.1-4.2 | python-pip-1.4.1-4.2.mga4 |
Related
debiancve
debiancve
CVE-2014-8991
2014-11-24 15:59:15
osv
osv
pip lack of randomness in build directory
2022-05-13 01:11:25
PYSEC-2014-11
2014-11-24 15:59:00
ubuntucve
ubuntucve
CVE-2014-8991
2014-11-24 00:00:00
cvelist
cvelist
CVE-2014-8991
2014-11-24 15:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0023)
2022-01-28 00:00:00
nvd
nvd
CVE-2014-8991
2014-11-24 15:59:15
cve
cve
CVE-2014-8991
2014-11-24 15:59:15
prion
prion
Code injection
2014-11-24 15:59:00
github
github
pip lack of randomness in build directory
2022-05-13 01:11:25
ibm
ibm
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.001
Percentile
31.0%
Related for MGASA-2015-0023