Moderate severityNVD Advisory· Published May 8, 2014· Updated May 6, 2026
CVE-2014-1934
CVE-2014-1934
Description
tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
eyeD3PyPI | < 0.7.5 | 0.7.5 |
Affected products
29cpe:2.3:a:travis_shirk:eyed3:*:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:travis_shirk:eyed3:*:*:*:*:*:*:*:*range: <=0.6.18
- cpe:2.3:a:travis_shirk:eyed3:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.17:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:travis_shirk:eyed3:0.7.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/advisories/GHSA-4r2w-w73w-36jmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-1934ghsaADVISORY
- lists.opensuse.org/opensuse-updates/2014-05/msg00027.htmlnvdWEB
- lists.opensuse.org/opensuse-updates/2014-05/msg00028.htmlnvdWEB
- bugs.debian.org/cgi-bin/bugreport.cginvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- koji.fedoraproject.org/koji/buildinfoghsaWEB
News mentions
0No linked articles in our index yet.