CVE-2025-71176

Summary

pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges.

Affected Software

VendorProductVersion RangeStatus
pytestpytest0 <= 9.0.2affected

Weaknesses

  • CWE-379: CWE-379 Creation of Temporary File in Directory with Insecure Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References