Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Planet's secret file is created with excessive permissions
Vulnerability Description
Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Planet SDK for Python 安全漏洞
Vulnerability Description
Planet SDK for Python是Planet Labs开源的一个应用程序。提供了一个 Python-API 和一个命令行界面(CLI)来使用 Planet API。 Planet SDK for Python 2.0.1之前版本存在安全漏洞,该漏洞源于允许非授权用户读取用户的Planet API认证信息文件。
CVSS Information
N/A
Vulnerability Type
N/A