PT-2023-33012 — Tempfile+3

PT-2023-33012 · Tempfile+3 · Tempfile+3

Published

2023-07-17

Updated

2023-07-17

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions tempfile versions prior to the version that updates remove dir all to a non-vulnerable version remove dir all version 0.5.3

Description The issue concerns a problem with the remove dir all function. Updating tempfile is necessary due to its dependency on the affected remove dir all version. This affects the deployment of version 12 to the openSUSE distribution because it requires a clean cargo audit.

Recommendations For tempfile versions prior to the version that updates remove dir all to a non-vulnerable version, update tempfile to a version that includes a non-vulnerable remove dir all. For remove dir all version 0.5.3, update remove dir all to a non-vulnerable version.

Time Of Check To Time Of Use

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367

Related Identifiers

GHSA-F2WX-XJFW-XJV6

Affected Products

Cargo

Opensuse

Remove Dir All

Tempfile

Weakness Enumeration

Related Identifiers

Affected Products

References · 6