Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 1:14 a.m.8 views

CVE-2022-23651

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS6AI score0.00217EPSS
Exploits0References1
nvd
nvd
added 2022/02/23 11:15 p.m.46 views

CVE-2022-23651

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS0.00217EPSS
Exploits0References3
prion
prion
added 2022/02/23 11:15 p.m.23 views

Race condition

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

1.9CVSS4.4AI score0.00217EPSS
Exploits0References3Affected Software1
cve
cve
added 2022/02/23 10:50 p.m.256 views

CVE-2022-23651

The CVE-2022-23651 issue affects b2-sdk-python 1.14.0 and earlier on Linux/macOS, where SqliteAccountInfo stores API keys and bucket mappings in a local database file. The vulnerability is a TOCTOU race: the database file is created world-readable and briefly becomes private, allowing a local att...

4.7CVSS4.2AI score0.00217EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2022/02/23 10:50 p.m.7 views

CVE-2022-23651 b2-sdk-python TOCTOU application key disclosure

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS4.3AI score0.00217EPSS
Exploits0References3
osv
osv
added 2022/02/23 10:50 p.m.30 views

CVE-2022-23651 b2-sdk-python TOCTOU application key disclosure

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS4.2AI score0.00217EPSS
Exploits0References5
cvelist
cvelist
added 2022/02/23 10:50 p.m.52 views

CVE-2022-23651 b2-sdk-python TOCTOU application key disclosure

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS4.6AI score0.00217EPSS
Exploits0References3
Rows per page
Query Builder