pip prior to 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pypa pip |
||
fedoraproject fedora 17 |
||
fedoraproject fedora 18 |
||
fedoraproject fedora 19 |