CVE-2014-1858

Public on 2014-03-10
Modified on 2014-09-17
Description
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
Severity
Low severity
Low
See what this means
CVSS v3 Base Score
2.1
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 numpy 2014-03-10 ALAS-2014-302 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2014-1858 Mitre: CVE-2014-1858