Duplicity Project: >> Duplicity >> 0.4.1 Security Vulnerabilities
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.
CVSS Score
4.6
EPSS Score
0.001
Published
2007-10-04