7.8

CVE-2013-4251

The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ScipyScipy Version < 0.12.1
FedoraprojectFedora Version18
FedoraprojectFedora Version19
FedoraprojectFedora Version20
RedhatEnterprise Linux Version6.0
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.34
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/63008
Third Party Advisory
VDB Entry
https://access.redhat.com/security/cve/cve-2013-4251
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251
Third Party Advisory
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/88052
Third Party Advisory
VDB Entry
https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
Patch
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2013-4251
Patch
Third Party Advisory