Description
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Remediation
References
Related Vulnerabilities
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-46147)
WordPress Plugin Akismet Cross-Site Scripting (3.1.4)
WordPress Plugin Permalink Manager Lite Unspecified Vulnerability (2.2.13.1)
WordPress Plugin WPZOOM Portfolio Cross-Site Scripting (1.2.1)
WordPress Plugin WordPress Landing Pages Cross-Site Scripting (1.8.7)