2.1
CVE-2012-4571
- EPSS 0.37%
- Veröffentlicht 30.11.2012 22:55:01
- Zuletzt bearbeitet 16.06.2026 23:45:25
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.286 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://pypi.python.org/pypi/keyring
http://www.openwall.com/lists/oss-security/2012/10/31/8
http://www.ubuntu.com/usn/USN-1634-1
https://bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1004845