Moderate severityNVD Advisory· Published Mar 11, 2014· Updated Jun 17, 2026
CVE-2014-1839
CVE-2014-1839
Description
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
logilab-commonPyPI | < 0.61.0 | 0.61.0 |
Affected products
5- ghsa-coords2 versions
< 0.61.0+ 1 more
- (no CPE)range: < 0.61.0
- (no CPE)range: < 1.11.0-1.5
Patches
Vulnerability mechanics
References
8- secunia.com/advisories/57209nvdVendor Advisory
- github.com/advisories/GHSA-g5m2-22h2-rr3jghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-1839ghsaADVISORY
- comments.gmane.org/gmane.comp.security.oss.general/11986nvdWEB
- lists.opensuse.org/opensuse-updates/2014-02/msg00085.htmlnvdWEB
- www.logilab.org/ticket/207562nvdWEB
- bugs.debian.org/cgi-bin/bugreport.cginvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/logilab-common/PYSEC-2014-84.yamlghsaWEB
News mentions
0No linked articles in our index yet.