VYPR
Moderate severityNVD Advisory· Published Oct 4, 2007· Updated Jun 16, 2026

CVE-2007-5201

CVE-2007-5201

Description

The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
duplicityPyPI
< 0.4.90.4.9

Affected products

2

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.