icon

We found results for “

CVE-2014-2667

Good to know:

Date: November 15, 2014

Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.

Language: Python

Severity Score

Severity Score

Weakness Type (CWE)

Race Conditions

CWE-362

Top Fix

icon

Upgrade Version

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us