NVD

Id
35820  
Name
CVE-2014-8991  
Description
pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-11-24  
Modified Date
2016-11-22  
Seq
2014-8991  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
183429 35820 CVE-2014-8991 [oss-security] 20141117 Requesting a CVE for pip - Local DoS with predictable temp directory names  View
183430 35820 CVE-2014-8991 [oss-security] 20141120 Re: Requesting a CVE for pip - Local DoS with predictable temp directory names  View
183431 35820 CVE-2014-8991 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html  View
183432 35820 CVE-2014-8991 71209  View
183433 35820 CVE-2014-8991 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725847  View
183434 35820 CVE-2014-8991 https://github.com/pypa/pip/pull/2122  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
16748 JVNDB-2014-005623 pip におけるサービス運用妨害 (DoS) の脆弱性 pip には、サービス運用妨害 (パッケージインストールの阻止) 状態にされる脆弱性が存在します。 CVE-2014-8991 76284 CVE-2014-8991 35820 2.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005623.html 2014-11-12 2015-07-31 View