Sensitive Data Exposure in pem
Versions of pem expose sensitive data when the readPkcs12 is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of random 0-f characters in the temporary directory containing the password which is then read by OpenSSL. The file containing the password is never cleaned up after it …