
Alichtman

#26233 of 53,624
9.8 Total CVSS
Vulnerabilities · 1
PT-2025-8943
9.8
2025-02-27
Spotipy · Spotipy · CVE-2025-27154
**Name of the Vulnerable Software and Affected Versions**

Spotipy versions prior to 2.25.1

**Description**

The issue concerns the `CacheHandler` class in Spotipy, which creates a cache file to store the auth token with overly broad permissions. This allows potential exposure of the Spotify auth token, which could be read by an attacker, such as another user on the machine or a process running as another user. If accessed, the token can be used to perform administrative actions on the Spotify account, depending on the scope granted to the token.

**Recommendations**

For versions prior to 2.25.1, update to version 2.25.1 to tighten the cache file permissions and prevent overly broad exposure of the Spotify auth token.
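
The permission problem described above, as an added example that is not Spotipy's code or its 2.25.1 patch: it writes a token file the umask-dependent way and the owner-only way, then reports which group/other bits remain. The function names, file names and sample token are constructed for illustration, and a POSIX system is assumed.

```python
import json
import os
import stat
import tempfile

SAMPLE_TOKEN = {"access_token": "CONSTRUCTED-NOT-REAL", "scope": "user-read-private"}

def write_token_default(path, token):
    # Weak pattern: plain open() leaves the mode to the umask (typically 0644).
    with open(path, "w") as f:
        json.dump(token, f)

def write_token_private(path, token):
    # Ask for 0600 at creation so the file is never readable by others, even briefly.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        # The O_CREAT mode is ignored for a file that already exists, so
        # tighten explicitly before writing the token.
        os.fchmod(fd, 0o600)
        json.dump(token, f)

def exposed_bits(path):
    # Group/other permission bits still set; 0 means owner-only.
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077

def demo():
    old_umask = os.umask(0o022)  # common default umask
    try:
        with tempfile.TemporaryDirectory() as d:
            weak = os.path.join(d, "weak-cache")
            strong = os.path.join(d, "strong-cache")
            write_token_default(weak, SAMPLE_TOKEN)
            write_token_private(strong, SAMPLE_TOKEN)
            before = exposed_bits(weak)
            write_token_private(weak, SAMPLE_TOKEN)  # rewrite an existing weak file
            return before, exposed_bits(strong), exposed_bits(weak)
    finally:
        os.umask(old_umask)

if __name__ == "__main__":
    print([oct(b) for b in demo()])
```

Pointing `exposed_bits` at a token cache file left behind by an older install shows whether it still needs a `chmod 600` after upgrading.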