Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions given to the .kimlik file and .seffaflik file, which is created with mode 0777 and 0775 respectively, exposing secrets to other local users. Additionally, the .kimlik file is written without symlink checks, allowing local attackers to overwrite arbitrary files. This can result in information disclosure and denial of service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
seffaflik 安全漏洞
Vulnerability Description
seffaflik是nurisensoy个人开发者的一个Python库。 seffaflik 0.0.9及之前版本存在安全漏洞,该漏洞源于.kimlik文件和.seffaflik文件默认权限设置不当且缺少符号链接检查,可能导致信息泄露和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A