{"id":"PYSEC-2013-33","details":"cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.","aliases":["CVE-2013-2217","GHSA-vpqp-hx68-p2wx","PYSEC-2013-32"],"modified":"2023-11-08T03:57:18.590032Z","published":"2013-09-23T20:55:00Z","references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-07/msg00062.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2013/06/27/8"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=978696"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2008-1"}],"affected":[{"package":{"name":"suds-py3","ecosystem":"PyPI","purl":"pkg:pypi/suds-py3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.4.1"}]}],"versions":["1.0.0.0","1.3.1.0","1.3.2.0","1.3.3.0","1.3.4.0","1.4.0.0","1.4.1.0","1.4.2.0","1.4.3.0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/suds-py3/PYSEC-2013-33.yaml"}}],"schema_version":"1.7.3"}