VYPR

rpm package

suse/python-xdg&distro=SUSE Linux Enterprise Desktop 12 SP4

pkg:rpm/suse/python-xdg&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4

Vulnerabilities (1)

  • CVE-2014-1624Jan 28, 2014
    affected < 0.25-9.3.1fixed 0.25-9.3.1

    Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controll