An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
History

Tue, 05 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Python Software Foundation
Python Software Foundation cpython
CPEs cpe:2.3:a:python_software_foundation:cpython:*:*:*:*:*:*:*:*
Vendors & Products Python Software Foundation
Python Software Foundation cpython
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 21 Aug 2024 19:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_e4s:9.0

cve-icon MITRE

Status: PUBLISHED

Assigner: PSF

Published: 2024-03-19T15:44:28.989Z

Updated: 2024-11-05T19:16:27.862Z

Reserved: 2023-12-07T20:59:23.246Z

Link: CVE-2023-6597

cve-icon Vulnrichment

Updated: 2024-08-02T08:35:14.863Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-19T16:15:08.743

Modified: 2024-11-21T08:44:10.463

Link: CVE-2023-6597

cve-icon Redhat

Severity : Important

Publid Date: 2024-03-19T00:00:00Z

Links: CVE-2023-6597 - Bugzilla