CVE-2019-15716

Published August 28th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

2.1

LOW

Affected

PROJECT

Description

WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults.

wtfutil/wtf

The personal information dashboard for your terminal

GitHub

16.9K