From 9fec3a057d2de4c647e0ca4d33feceaab9a5b033 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 7 Sep 2024 04:03:17 +0000 Subject: [PATCH] Auto-Update: 2024-09-07T04:00:16.919259+00:00 --- CVE-2024/CVE-2024-40xx/CVE-2024-4030.json | 4 ++-- README.md | 6 +++--- _state.csv | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4030.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4030.json index 88c3fe360de..23bcfece9f4 100644 --- a/CVE-2024/CVE-2024-40xx/CVE-2024-4030.json +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4030.json @@ -2,13 +2,13 @@ "id": "CVE-2024-4030", "sourceIdentifier": "cna@python.org", "published": "2024-05-07T21:15:09.467", - "lastModified": "2024-07-05T16:15:05.520", + "lastModified": "2024-09-07T03:15:09.917", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you\u2019re not using Windows or haven\u2019t changed the temporary directory location then you aren\u2019t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix \u201c700\u201d for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.\n" + "value": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you\u2019re not using Windows or haven\u2019t changed the temporary directory location then you aren\u2019t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix \u201c700\u201d for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions." }, { "lang": "es", diff --git a/README.md b/README.md index 138abae6693..df3df76dbf0 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-07T02:00:17.119200+00:00 +2024-09-07T04:00:16.919259+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-07T01:34:05.907000+00:00 +2024-09-07T03:15:09.917000+00:00 ``` ### Last Data Feed Release @@ -46,7 +46,7 @@ Recently added CVEs: `0` Recently modified CVEs: `1` -- [CVE-2024-45307](CVE-2024/CVE-2024-453xx/CVE-2024-45307.json) (`2024-09-07T01:34:05.907`) +- [CVE-2024-4030](CVE-2024/CVE-2024-40xx/CVE-2024-4030.json) (`2024-09-07T03:15:09.917`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c995074bfb9..c527db57480 100644 --- a/_state.csv +++ b/_state.csv @@ -256766,7 +256766,7 @@ CVE-2024-4022,0,0,9e369b5b5ea8df7d6bd27a7262a9ade1fde2246b7a1d942564d51d8d0f92ed CVE-2024-4024,0,0,39a8ae3bd69b37ba79ac03debc5205152435188654e5df8dcdef82b4a9e7241a,2024-04-25T17:25:05.903000 CVE-2024-4026,0,0,52171498c993bd60e060ecb310b6ba3adb61d51839677cb6159cb2398bf728c1,2024-04-22T13:28:34.007000 CVE-2024-4029,0,0,07f4a3557bfc1c26259e7db528f531861deb0f132a9070099c7eec2168b5c67e,2024-05-02T18:00:37.360000 -CVE-2024-4030,0,0,5921f7a0bad0c927ce4dbb50662fc4a35b1a0000bcf4f0fcdcf8646834ec4372,2024-07-05T16:15:05.520000 +CVE-2024-4030,0,1,19f825236112c2d38d9364772b7c94395cd52376c790d25417954ee2205eccd6,2024-09-07T03:15:09.917000 CVE-2024-4031,0,0,5f28e8c1b5067aec87f50d97cb32ada2d0e893cae64c0dbc730c44d567aac95b,2024-04-23T12:52:09.397000 CVE-2024-40318,0,0,f408c0d0f38b709a30b5f60bb9fda15422ea10a5b622771fde6eea8ad61fdb12,2024-08-26T16:48:28.277000 CVE-2024-4032,0,0,13bcc706db1b9aacb6c149026a29effe95f8941a867300fe999a8ce380506ac0,2024-08-29T21:35:11.017000 @@ -259142,7 +259142,7 @@ CVE-2024-45302,0,0,81d543b8058ec9a64648a785b7fa014c697fce5846d6cc78b75fe051c3ed2 CVE-2024-45304,0,0,1414ce8fe9746c46bc2063f6428cc45402e10f1afbb5a5e378e238c2ed3a1fbe,2024-09-03T12:59:02.453000 CVE-2024-45305,0,0,d8e5983b9530b80332e508eeeefa8750e30400000717cc407d2937a9af13a873,2024-09-03T12:59:02.453000 CVE-2024-45306,0,0,2089f2b015e15041c3f3807cc6f2c8eb1cf893208c28e4b1ca171ff53a3a8feb,2024-09-03T12:59:02.453000 -CVE-2024-45307,0,1,453e354c13ea082f71f784fb99af4cdeb162dcc05e43b9c9b2e7febafaebfb7b,2024-09-07T01:34:05.907000 +CVE-2024-45307,0,0,453e354c13ea082f71f784fb99af4cdeb162dcc05e43b9c9b2e7febafaebfb7b,2024-09-07T01:34:05.907000 CVE-2024-45308,0,0,700e0eb4024a102ed71899877978cfb0e434a318435f3d46acfc9659de5f360b,2024-09-03T12:59:02.453000 CVE-2024-4531,0,0,5dc1dd0922f3418ce95c33a9fc334c76453bfc98ac8636a0eebb27c9c952bb3f,2024-07-03T02:07:42.610000 CVE-2024-45310,0,0,cf559c2fb608db5e942d7bd154cefbc5964353e2198d862886f1fbdd9c82a973,2024-09-03T19:40:46.783000