Package impact
PyPI / keyring
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-4571 | low | — | 2.1 | 14y ago | Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack. | |||
| CVE-2012-5577 | unknown | — | — | 6y ago | Python keyring lib before 0.10 created keyring files with world-readable permissions. | |||
| CVE-2012-5578 | unknown | — | — | 6y ago | Python keyring has insecure permissions on new databases allowing world-readable files to be created |