漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions given to the .kimlik file and .seffaflik file, which is created with mode 0777 and 0775 respectively, exposing secrets to other local users. Additionally, the .kimlik file is written without symlink checks, allowing local attackers to overwrite arbitrary files. This can result in information disclosure and denial of service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
seffaflik 安全漏洞
Vulnerability Description
seffaflik是nurisensoy个人开发者的一个Python库。 seffaflik 0.0.9及之前版本存在安全漏洞,该漏洞源于.kimlik文件和.seffaflik文件默认权限设置不当且缺少符号链接检查,可能导致信息泄露和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A