Vulnerability Details CVE-2012-5577
Python keyring lib before 0.10 created keyring files with world-readable permissions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.openwall.com/lists/oss-security/2012/11/27/3
- https://bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1
- https://bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577
- https://security-tracker.debian.org/tracker/CVE-2012-5577
- http://www.openwall.com/lists/oss-security/2012/11/27/3
- https://bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1
- https://bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577
- https://security-tracker.debian.org/tracker/CVE-2012-5577
Products affected by CVE-2012-5577
-
cpe:2.3:a:python:keyring:0.2
-
cpe:2.3:a:python:keyring:0.3
-
cpe:2.3:a:python:keyring:0.4
-
cpe:2.3:a:python:keyring:0.5
-
cpe:2.3:a:python:keyring:0.5.1
-
cpe:2.3:a:python:keyring:0.6.1
-
cpe:2.3:a:python:keyring:0.6.2
-
cpe:2.3:a:python:keyring:0.7
-
cpe:2.3:a:python:keyring:0.7.1
-
cpe:2.3:a:python:keyring:0.8
-
cpe:2.3:a:python:keyring:0.8.1
-
cpe:2.3:a:python:keyring:0.9
-
cpe:2.3:a:python:keyring:0.9.1
-
cpe:2.3:a:python:keyring:0.9.2
-
cpe:2.3:a:python:keyring:0.9.3
-
cpe:2.3:o:debian:debian_linux:7.0