CVE-2024-39934

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-39934
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39934.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-39934
Published
2024-07-04T19:15:10Z
Modified
2024-07-09T01:22:11.118009Z
Summary
[none]
Details

Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated Python environment setup is enabled, because the "shared holotree usage" feature allows any user to edit any Python environment.

References

Affected packages

Git / github.com/elabit/robotmk

Affected ranges

Type
GIT
Repo
https://github.com/elabit/robotmk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

stable

v2.*

v2.0.0
v2.0.0-alpha
v2.0.0-alpha-1
v2.0.0-alpha-10
v2.0.0-alpha-11
v2.0.0-alpha-12
v2.0.0-alpha-13
v2.0.0-alpha-2
v2.0.0-alpha-3
v2.0.0-alpha-4
v2.0.0-alpha-5
v2.0.0-alpha-6
v2.0.0-alpha-7
v2.0.0-alpha-8
v2.0.0-alpha-9
v2.0.0-beta-0
v2.0.0-beta-1
v2.0.0-beta-2