High severityNVD Advisory· Published Nov 25, 2019· Updated Aug 6, 2024
CVE-2012-5578
CVE-2012-5578
Description
Python keyring has insecure permissions on new databases allowing world-readable files to be created
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keyringPyPI | < 0.10 | 0.10 |
Affected products
2- Python/Python keyringv5Range: <= 0.10
Patches
Vulnerability mechanics
References
10- access.redhat.com/security/cve/cve-2012-5578ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-8867-vpm3-g98gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2012-5578ghsaADVISORY
- security-tracker.debian.org/tracker/CVE-2012-5578ghsavendor-advisoryx_refsource_DEBIANWEB
- www.openwall.com/lists/oss-security/2012/11/27/4ghsax_refsource_MISCWEB
- bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1031465ghsax_refsource_MISCWEB
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- bugzilla.suse.com/show_bug.cgighsax_refsource_MISCWEB
- github.com/jaraco/keyring/blob/master/CHANGES.rstghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/keyring/PYSEC-2019-182.yamlghsaWEB
News mentions
0No linked articles in our index yet.