Search for packages
| purl | pkg:pypi/logilab-common@0.61.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4tzc-1ykk-uydm | The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via a symlink attack on /tmp/toto.fdf. |
CVE-2014-1838
GHSA-rr52-wg7f-8875 PYSEC-2014-83 |
| VCID-5z59-jfr9-y3hj | The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file. |
CVE-2014-1839
GHSA-g5m2-22h2-rr3j PYSEC-2014-84 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T11:34:52.386498+00:00 | GithubOSV Importer | Fixing | VCID-4tzc-1ykk-uydm | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rr52-wg7f-8875/GHSA-rr52-wg7f-8875.json | 38.6.0 |
| 2026-05-31T11:29:15.120051+00:00 | GithubOSV Importer | Fixing | VCID-5z59-jfr9-y3hj | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-g5m2-22h2-rr3j/GHSA-g5m2-22h2-rr3j.json | 38.6.0 |
| 2026-05-30T20:59:07.695996+00:00 | GitLab Importer | Fixing | VCID-4tzc-1ykk-uydm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/logilab-common/CVE-2014-1838.yml | 38.6.0 |
| 2026-05-30T20:58:58.206912+00:00 | GitLab Importer | Fixing | VCID-5z59-jfr9-y3hj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/logilab-common/CVE-2014-1839.yml | 38.6.0 |