{"id":"PYSEC-2013-32","details":"cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.","aliases":["CVE-2013-2217","GHSA-vpqp-hx68-p2wx","PYSEC-2013-33"],"modified":"2023-11-08T03:57:18.590032Z","published":"2013-09-23T20:55:00Z","references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-07/msg00062.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2013/06/27/8"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=978696"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2008-1"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-vpqp-hx68-p2wx"}],"affected":[{"package":{"name":"suds","ecosystem":"PyPI","purl":"pkg:pypi/suds"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.7.0"}]}],"versions":["0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/suds/PYSEC-2013-32.yaml"}}],"schema_version":"1.7.3"}