Vulnerability in Oracle Solaris
CVE-2014-8991
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.
EPSS: 0.001 (22.2th percentile) — read the EPSS interpretation.
Affected products
- Oracle Solaris — versions 11.2
- Pypa Pip
- N/a — versions n/a
References
- [oss-security] 20141117 Requesting a CVE for pip - Local DoS with predictable temp directory names (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)
- cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory, Issue Tracking)
- 71209 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- [oss-security] 20141120 Re: Requesting a CVE for pip - Local DoS with predictable temp directory names (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)