PyPI package
keycloak-httpd-client-install
pkg:pypi/keycloak-httpd-client-install
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15112 | Hig | 7.8 | < 0.8 | 0.8 | Jan 20, 2018 | keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users. | |
| CVE-2017-15111 | Med | 5.5 | < 0.8 | 0.8 | Jan 20, 2018 | keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link. |
- affected < 0.8fixed 0.8
keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users.
- affected < 0.8fixed 0.8
keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link.