VYPR

flower

by File Project

CVEs (1)

  • CVE-2017-14483MedSep 15, 2017
    risk 0.36cvss 5.5epss 0.00

    flower.initd in the Gentoo dev-python/flower package before 0.9.1-r1 for Celery Flower sets PID file ownership to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root…