Veracode Vulnerability DatabaseVERACODE:44620Local Privilege Escalation
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
pyinstaller is vulnerable to Local Privilege Escalation. The vulnerability exists due to insecure directories used in the library, allowing an attacker to delete files on the system if the applications contains either matplotlib or win32com, and the temporary directory is not locked to a specific user.
References
github.com/advisories/GHSA-9w2p-rh8c-v9g5
github.com/pyinstaller/pyinstaller/commit/cc35d2cd36e5207d0a6509035d0537e1ac7e48e1
github.com/pyinstaller/pyinstaller/pull/7827
github.com/pyinstaller/pyinstaller/security/advisories/GHSA-9w2p-rh8c-v9g5
github.com/python/cpython/blob/0fb18b02c8ad56299d6a2910be0bab8ad601ef24/Lib/shutil.py#L623
lists.fedoraproject.org/archives/list/[email protected]/message/2K2XIQLEMZIKUQUOWNDYWTEWYQTKMAN7/
lists.fedoraproject.org/archives/list/[email protected]/message/ISRWT34FAF23PUOLVZ7RVWBZMWPDR5U7/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%