CVE-2014-1839: Incorrect Default Permissions
(updated )
The Execute
class in shellutils
in logilab-commons uses tempfile.mktemp
, which allows local users to have an unspecified impact by pre-creating the temporary file.
References
Detect and mitigate CVE-2014-1839 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →