PYSEC-2014-117

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/rply/PYSEC-2014-117.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2014-117
Aliases
Withdrawn
2026-07-09T16:19:00Z
Published
2014-01-28T00:55:04.037Z
Modified
2026-07-09T16:45:09.115773428Z
Summary
[none]
Details

Withdrawn as duplicate of PYSEC-2014-17. The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.

References

Affected packages

PyPI / rply

Package

Affected ranges

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/rply/PYSEC-2014-117.yaml"