Safety vulnerability ID: 71463
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of Wordops are vulnerable to TOCTOU (Time-of-Check to Time-of-Use) race condition in `wo/cli/plugins/stack_pref.py`. This vulnerability occurred because the 'os.open' call did not use a mode parameter during file creation.
Latest version: 3.22.0
An essential toolset that eases server administration
- Remove php72 and php73 stacks
- All APT repositories are properly signed with gpg keys
- Netdata is installed from debian packages when available
- Less logs in acme.sh operation
- Migrate all repositories in /etc/apt/sources.list.d/wo-repo.list in indivual files like mariadb.list, redis.list, wordops.list
Fixed
- wo info php versions display
- Repositories's gpg keys are not managed with apt-key anymore
- `wo site update site.tld --hsts` errors
- `wo site update site.tld --ngxblocker` errors
- Netdata install and upgrade
- 22222 Backend not secure with valid SSL certificate
Security
- Fix [CVE-2024-34528](https://github.com/advisories/GHSA-23qq-p4gq-gc2g)
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application