CVE-2017-1000485

Name of the Vulnerable Software and Affected Versions Nylas Mail Lives version 2.2.2

Description The issue allows local users to obtain sensitive authentication information via standard filesystem operations due to the use of 0755 permissions for $HOME/.nylas-mail.

Recommendations For version 2.2.2, consider changing the permissions of $HOME/.nylas-mail to a more restrictive setting to prevent unauthorized access to sensitive authentication information.