pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| pyro(PyPI) | 0 | 3.15 | N/A |
CVSS Metrics
