Описание
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
A race condition was found in Paramiko. This flaw allows unauthorized information disclosure from an attacker with access to the write_private_key_file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 2 | paramiko | Not affected | ||
| Red Hat Ceph Storage 2 | python-paramiko | Out of support scope | ||
| Red Hat Enterprise Linux 6 | python-paramiko | Out of support scope | ||
| Red Hat Enterprise Linux 7 | python-paramiko | Out of support scope | ||
| Red Hat Storage 3 | python-paramiko | Affected | ||
| Red Hat Update Infrastructure 4 for Cloud Providers | python-paramiko | Will not fix | ||
| Red Hat OpenStack Platform 16.1 | python-paramiko | Fixed | RHSA-2022:8863 | 07.12.2022 |
| Red Hat OpenStack Platform 16.2 | python-paramiko | Fixed | RHSA-2022:8845 | 07.12.2022 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | python-paramiko | Fixed | RHSA-2022:4712 | 26.05.2022 |
| Red Hat Virtualization Engine 4.4 | python-paramiko | Fixed | RHSA-2022:4712 | 26.05.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.1 Medium
CVSS3
Связанные уязвимости
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
In Paramiko before 2.10.1, a race condition (between creation and chmo ...
EPSS
5.1 Medium
CVSS3