CVE-2014-1938: Improper Link Resolution Before File Access
(updated )
python-rply before 0.7.4 insecurely creates temporary files.
References
- www.openwall.com/lists/oss-security/2014/02/11/1
- bugs.debian.org/cgi-bin/bugreport.cgi?bug=737627
- github.com/advisories/GHSA-m8qc-mf6p-pfq9
- github.com/alex/rply/commit/76d268a38c627bf4aebebcd064f5b6d380eb8b20
- github.com/alex/rply/issues/42
- nvd.nist.gov/vuln/detail/CVE-2014-1938
- security-tracker.debian.org/tracker/CVE-2014-1938
Detect and mitigate CVE-2014-1938 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →