CVE Vulnerabilities

CVE-2012-0878

Published: May 01, 2012 | Modified: Apr 02, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.

Affected Software

Name Vendor Start Version End Version
Paste Pythonpaste * 1.7.5

References