CVE-2011-2765 — Pyro mishandles pid files in temporary directory locations and opening the pid f

Description

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks.

How to fix CVE-2011-2765

To remediate CVE-2011-2765, upgrade the affected package to a fixed version below.

Debian/pyro—upgrade to 1:3.14-1 or later
—upgrade to 3.15 or later
—upgrade to 554e095a62c4412c91f981e72fd34a936ac2bf1e or later

Is CVE-2011-2765 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (3)

from 0, < 1:3.14-1
from 0, < 3.15
from 0, < 554e095a62c4412c91f981e72fd34a936ac2bf1e | from 0, < 3.15

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References (7)

ADVISORYgithub.com/advisories/GHSA-xrr4-74mc-rpjc
ADVISORYnvd.nist.gov/vuln/detail/CVE-2011-2765
PATCHgithub.com/irmen/Pyro3
WEBbugs.debian.org/631912
WEBgithub.com