pyinstaller@3.2 vulnerabilities
PyInstaller bundles a Python application and all its dependencies into a single package.
-
latest version
6.6.0
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
a month ago
-
licenses detected
- [1.5,4.0)
Direct Vulnerabilities
Known vulnerabilities in the pyinstaller package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
pyinstaller is a package that bundles a Python application and all its dependencies into a single package Affected versions of this package are vulnerable to Execution with Unnecessary Privileges. When the How to fix Execution with Unnecessary Privileges? Upgrade |
[,5.13.1)
|
pyinstaller is a package that bundles a Python application and all its dependencies into a single package Affected versions of this package are vulnerable to Execution with Unnecessary Privileges. On Windows only, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user (at least more than the current one) which have his "TempPath" resolving to a world writable directory. This is the case for example if the software is launched as a service or as a scheduled task using a system account (TempPath will be How to fix Execution with Unnecessary Privileges? Upgrade |
[,3.6)
|