VDB
GCVE-110-MAGEIA-2014-216
GCVE-110-MAGEIA-2014-216
Advisory Published
It was reported that a patch added to Python 3.2 caused a race condition
where a file created could be created with world read/write permissions
instead of the permissions dictated by the original umask of the process.
This could allow a local attacker that could win the race to view and edit
files created by a program using this call. Note that prior versions of
Python, including 2.x, do not include the vulnerable _get_masked_mode()
function that is used by os.makedirs() when exist_ok is set to True
(CVE-2014-2667).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python3 | 0 (affected), 3.3.0-4.8.mga3 (unaffected), 0 (affected), 3.3.0-4.8.mga3 (unaffected) | — |
| Mageia | iscsitarget | 0 (affected), 1.4.20.4-1.mga4 (unaffected) | — |
| Mageia | python3 | 0 (affected), 3.3.2-13.3.mga4 (unaffected), 0 (affected), 3.3.2-13.3.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.