Homepage

keyring@0.5 vulnerabilities

Store and access your passwords safely.

  • latest version

    25.6.0

  • latest non vulnerable version

    25.6.0

  • first published

    15 years ago

  • latest version published

    1 months ago

  • licenses detected

  • View keyring package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the keyring package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Incorrect Default Permissions

    Affected versions of this package are vulnerable to Incorrect Default Permissions. Keyring files are created with world-readable permissions.

    How to fix Incorrect Default Permissions?

    Upgrade keyring to version 0.10 or higher.

    [,0.10)
    • M
    Cryptographic Issues

    keyring is a Store and access your passwords safely. Affected versions of this package are vulnerable to weak password encryption attacks. Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack.

    How to fix Cryptographic Issues?

    Upgrade to version 0.9.1 or greater.

    [,0.9]
    Go back to all versions of this package