PYSEC-2024-175
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/wordops/PYSEC-2024-175.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2024-175
- Aliases
- Published
- 2024-05-06T00:15:10Z
- Modified
- 2025-01-18T22:57:00.507212Z
- Summary
- [none]
- Details
-
WordOps through 3.20.0 has a wo/cli/plugins/stackpref.py TOCTOU race condition because the confpath os.open does not use a mode parameter during file creation.
- References
Affected packages
PyPI / wordops
Package
- Name
- wordops
- View open source insights on deps.dev
- Purl
- pkg:pypi/wordops
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.21.3
Affected versions
3.*
3.9.9.2
3.9.9.4
3.10.0
3.10.1
3.10.2
3.10.3
3.11.0
3.11.1
3.11.2
3.11.3
3.11.4
3.12.0
3.12.1
3.12.2
3.12.3
3.12.4
3.13.0
3.13.1
3.13.2
3.14.0
3.14.1
3.14.2
3.15.0
3.15.1
3.15.2
3.15.3
3.15.4
3.16.0
3.16.1
3.16.2
3.16.3
3.17.0
3.18.0
3.18.1
3.19.0
3.19.1
3.20.0
3.21.0
3.21.1
3.21.2