{"id":"CVE-2014-8991","details":"pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.","aliases":["GHSA-53mr-44pp-crf4","PYSEC-2014-11"],"modified":"2026-04-16T01:40:36.598935346Z","published":"2014-11-24T15:59:15Z","withdrawn":"2026-01-27T04:13:28.462117Z","related":["SUSE-FU-2021:2130-1","SUSE-RU-2019:2505-1","openSUSE-SU-2024:10098-1","openSUSE-SU-2024:11251-1","openSUSE-SU-2024:11281-1","openSUSE-SU-2024:13916-1"],"references":[{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2014/11/19/17"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2014/11/20/6"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/71209"},{"type":"REPORT","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725847"},{"type":"FIX","url":"https://github.com/pypa/pip/pull/2122"}],"schema_version":"1.7.3"}