High severityNVD Advisory· Published Apr 22, 2019· Updated Sep 16, 2024

python-dbusmock arbitrary code execution or file overwrite when templates are loaded from /tmp

CVE-2015-1326

Description

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
python-dbusmockPyPI	< 0.15.1	0.15.1

Affected products

ghsa-coords
pkg:pypi/python-dbusmock
Range: < 0.15.1
Ubuntu/python-dbusmockv5
Range: unspecified

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-74xw-82v7-hmrmghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2015-1326ghsaADVISORY
github.com/martinpitt/python-dbusmock/commit/4e7d0df9093ghsax_refsource_MISCWEB
github.com/pypa/advisory-database/tree/main/vulns/python-dbusmock/PYSEC-2019-155.yamlghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000