Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNzUtNjkzOC13eDU4
python-docutils allows insecure usage of temporary files
python-docutils allows insecure usage of temporary files.
Permalink: https://github.com/advisories/GHSA-cg75-6938-wx58JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNzUtNjkzOC13eDU4
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 5 years ago
Updated: 4 months ago
CVSS Score: 9.1
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Percentage: 0.00186
EPSS Percentile: 0.56069
Identifiers: GHSA-cg75-6938-wx58, CVE-2009-5042
References:
- https://nvd.nist.gov/vuln/detail/CVE-2009-5042
- https://security-tracker.debian.org/tracker/CVE-2009-5042
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560755
- https://github.com/advisories/GHSA-cg75-6938-wx58
- https://github.com/pypa/advisory-database/tree/main/vulns/docutils/PYSEC-2019-176.yaml
Affected Packages
pypi:docutils
Dependent packages: 2,030Dependent repositories: 102,533
Downloads: 132,774,823 last month
Affected Version Ranges: >= 0.5, < 0.6
Fixed in: 0.6
All affected versions:
All unaffected versions: 0.3.5, 0.3.7, 0.3.9, 0.8.1, 0.9.1, 0.13.1, 0.15.1, 0.15.2, 0.17.1, 0.18.1, 0.20.1, 0.21.1, 0.21.2