Medium severity5.9NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-11353

Description

yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.

Affected products

Yadm Project/Yadm
cpe:2.3:a:yadm_project:yadm:1.10.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/868300nvdIssue TrackingPatchThird Party Advisory
github.com/TheLocehiliosan/yadm/issues/74nvdIssue TrackingPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000