OSVDB-117492: Insecure Temporary File Creation

January 15, 2015

wx.tools.img2py creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against an unspecified file to cause the program to unexpectedly overwrite an arbitrary file.

References

www.osvdb.org/show/osvdb/117492
github.com/wxWidgets/wxPython/commits/master/wx/tools/img2py.py

Detect and mitigate OSVDB-117492 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →