VulnerableCode Package Details - pkg:pypi/planet@2.0a3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/planet@2.0a3

Essentials
History (1)

purl	pkg:pypi/planet@2.0a3

Next non-vulnerable version	2.0.1
Latest non-vulnerable version	2.0.1
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-h1uw-17ka-bybz Aliases: CVE-2023-32303 GHSA-j5fj-rfh6-qj85 PYSEC-2023-71	Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.	2.0.1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:18:44.574202+00:00	Pypa Importer	Affected by	VCID-h1uw-17ka-bybz	https://github.com/pypa/advisory-database/blob/main/vulns/planet/PYSEC-2023-71.yaml	38.6.0