Vulnerabilities > Python > Pyxdg > 0.25
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-06 | CVE-2019-12761 | Code Injection vulnerability in Python Pyxdg 0.25 A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. | 5.1 |
2014-01-28 | CVE-2014-1624 | Link Following vulnerability in Python Pyxdg 0.25 Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once the get_runtime_dir function is called. | 3.3 |