In Paramiko before 2.10.1, a race condition (between creation and chmod) in the writeprivatekey_file function could allow unauthorized information disclosure.
{ "nvd_published_at": "2022-03-17T22:15:00Z", "cwe_ids": [ "CWE-362" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-03-29T20:52:09Z" }