Security Vulnerability Detected
Dependency: paramiko
Criticality: MEDIUM (Score: undefined)
Vulnerability Details
Name: CVE-2022-24302
Description:
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
Metadata
"{\"vulnerabilityIdentifiers\":[\"CVE-2022-24302\"],\"published\":\"2022-03-17T22:15:08.900\",\"lastModified\":\"2025-12-16T02:15:46.000\",\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"exploitabilityScore\":2.2,\"impactScore\":3.6,\"weaknesses\":[\"CWE-362\"]}"
Security Vulnerability Detected
Dependency:
paramikoCriticality: MEDIUM (Score: undefined)
Vulnerability Details
Name: CVE-2022-24302
Description:
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
Metadata
"{\"vulnerabilityIdentifiers\":[\"CVE-2022-24302\"],\"published\":\"2022-03-17T22:15:08.900\",\"lastModified\":\"2025-12-16T02:15:46.000\",\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"exploitabilityScore\":2.2,\"impactScore\":3.6,\"weaknesses\":[\"CWE-362\"]}"