Incorrect Default Permissions in keyring · CVE-2012-5578 · GitHub Advisory Database · GitHub

Incorrect Default Permissions in keyring

Moderate severity GitHub Reviewed Published Mar 10, 2020 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

keyring (pip)

Affected versions

< 0.10

Patched versions

0.10

Description

Python keyring has insecure permissions on new databases allowing world-readable files to be created

References

Reviewed Mar 10, 2020

Published to the GitHub Advisory Database Mar 10, 2020

Last updated Jan 9, 2023