VDB
KO
MEDIUM 5.5

PYSEC-2026-829

keycloak-httpd-client-install symlink attack vulnerability

Details

keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic link.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / keycloak-httpd-client-install
Introduced in: 0 Fixed in: 0.8
Fix pip install --upgrade 'keycloak-httpd-client-install>=0.8'

References