eyed3@0.9.6 vulnerabilities

Python audio data toolkit (ID3 and MP3)

latest version

0.9.7
first published

7 years ago
latest version published

2 years ago
licenses detected
- GPL-3.0
  [0,)
View eyed3 package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eyed3 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Insecure use of temporary file `eyeD3` is a Python audio data toolkit (ID3 and MP3) Affected versions of this package are vulnerable due to the Insecure use of temporary files. tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file. How to fix Insecure use of temporary file? Upgrade to version `7.0.3` or greater.	[,0.6.18] [,7.0.3]

Insecure use of temporary file

eyeD3 is a Python audio data toolkit (ID3 and MP3)

Affected versions of this package are vulnerable due to the Insecure use of temporary files. tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.

How to fix Insecure use of temporary file?

Upgrade to version 7.0.3 or greater.

[,0.6.18] [,7.0.3]

Go back to all versions of this package

eyed3@0.9.6 vulnerabilities

Python audio data toolkit (ID3 and MP3)

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities