CVE-2022-24302

Опубликовано: 17 мар. 2022

Источник: debian

EPSS Низкий

Описание

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
paramiko	fixed	2.10.3-1		package
paramiko	no-dsa		bullseye	package

Примечания

https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e (2.10.1)

EPSS

Процентиль: 76%

0.01003

Низкий

Связанные уязвимости

CVE-2022-24302

CVSS3: 5.9

ubuntu

больше 3 лет назад

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

CVE-2022-24302

CVSS3: 5.1

redhat

больше 3 лет назад

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

CVE-2022-24302

CVSS3: 5.9

nvd

больше 3 лет назад

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

SUSE-SU-2022:1447-1

suse-cvrf

больше 3 лет назад

Security update for python-paramiko

SUSE-SU-2022:1446-1

suse-cvrf

больше 3 лет назад

Security update for python-paramiko

EPSS

Процентиль: 76%

0.01003

Низкий