CVE-2023-29465 Information

Description

SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world-writable) which (for example) allows a local user to overwrite files with the privileges of a different user (who is running FlintQS).

Reference

https://github.com/sagemath/sage/pull/35419 https://github.com/sagemath/FlintQS/issues/3