Description
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Remediation
References
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2000-0148)
WordPress Plugin Media Library Assistant PHP Object Injection (2.60)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-26477)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19923)
WordPress Plugin NextGEN Gallery Sell Photo Cross-Site Scripting (1.0.4)