Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.6 views

CVE-2022-23653

B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a...

4.7CVSS6AI score0.00206EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0030

Malicious code in bioql PyPI...

4.7CVSS4.8AI score0.00214EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-0029

Malicious code in bioql PyPI...

4.7CVSS4.8AI score0.00206EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/02/24 12:8 p.m.24 views

b2-sdk-python TOCTOU application key disclosure

Impact Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race condition. SDK users of the SqliteAccountInfo format are vulnerable while users...

4.7CVSS1.1AI score0.00214EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2022/02/23 11:15 p.m.13 views

CVE-2022-23653

B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a...

4.7CVSS0.00206EPSS
Exploits0References2
NVD
NVD
added 2022/02/23 11:15 p.m.46 views

CVE-2022-23651

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS0.00214EPSS
Exploits0References3
Prion
Prion
added 2022/02/23 11:15 p.m.16 views

Race condition

B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. Linux and Mac releases of the B2 command-line tool version 3.2.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a...

1.9CVSS4.5AI score0.00206EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/02/23 11:5 p.m.139 views

CVE-2022-23653

Summary (CVE-2022-23653): The B2 Command Line Tool (Linux/Mac) up to v3.2.0 stores API keys and bucket mappings in a local file (account_info) during first run of authorize-account. A TOCTOU race window between file creation (world-readable) and permission tightening can allow a local attacker to...

4.7CVSS4.3AI score0.00206EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/23 10:50 p.m.30 views

CVE-2022-23651 b2-sdk-python TOCTOU application key disclosure

b2-sdk-python is a python library to access cloud storage provided by backblaze. Linux and Mac releases of the SDK version 1.14.0 and below contain a key disclosure vulnerability that, in certain conditions, can be exploited by local attackers through a time-of-check-time-of-use TOCTOU race...

4.7CVSS4.2AI score0.00214EPSS
Exploits0References5
Rows per page
Query Builder