Race condition in yadm 1.10.0 allows unauthorized access to SSH and PGP keys

Race condition in yadm 1.10.0 allows unauthorized access to SSH and PGP keys

CVE-2017-11353 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

yadm (yet another dotfile manager) 1.10.0 has a race condition (related to the behavior of git commands in setting permissions for new files and directories), which potentially allows access to SSH and PGP keys.

Learn more about our Web Application Penetration Testing UK.