VDB
GCVE-110-MAGEIA-2024-96
GCVE-110-MAGEIA-2024-96
Advisory Published
The tempfile.TemporaryDirectory class would dereference symlinks during
cleanup of permissions-related errors. This means users which can run
privileged programs are potentially able to modify permissions of files
referenced by symlinks in some circumstances. (CVE-2023-6597)
The zipfile module is vulnerable to “quoted-overlap” zip-bombs which
exploit the zip format to create a zip-bomb with a high compression
ratio. The fixed versions of CPython makes the zipfile module reject zip
archives which overlap entries in the archive. (CVE-2024-0450)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python3 | 3.10.11-1.2.mga9 (unaffected), 0 (affected), 3.10.11-1.2.mga9 (unaffected), 0 (affected) | — |
| Mageia | python | 0 (affected), 0 (affected), 2.7.18-15.2.mga9 (unaffected), 2.7.18-15.2.mga9 (unaffected) | — |
| Mageia | iproute2 | 0 (affected), 6.6.0-1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.