This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in Python's Developer Guide.

Author Yusuke Endoh
Recipients Yusuke Endoh
Date 2018-11-19.12:46:03

The tempfile library does not check the prefix argument, which can be exploited to create files outside tmpdir by using directory traversal.

>>> import tempfile
>>> tempfile.gettempprefix()
>>> f = tempfile.NamedTemporaryFile(prefix="/home/mame/cracked")

The same issue was found and treated as a vulnerability in PHP (CVE-2006-1494) and Ruby (CVE-2018-6914).

I first reported this issue to at July 2018.  Some people kindly discussed it, and finally I was told to create a ticket here.

Date                | User         | Action | Args
2018-11-19 12:46:03 | Yusuke Endoh | set    | recipients: + Yusuke Endoh
2018-11-19 12:46:03 | Yusuke Endoh | set    | messageid: <>
2018-11-19 12:46:03 | Yusuke Endoh | link   | issue35278 messages
2018-11-19 12:46:03 | Yusuke Endoh | create |