PT-2019-20062 · Pem · Pem

Published 2019-06-04 · Updated 2019-06-04

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: pem versions prior to 1.13.2

Description: The issue exposes sensitive data when the readPkcs12 function is used. This function reads certificate and key data from a pkcs12 file using the encryption password, and in doing so creates a globally readable file containing the password in the temporary directory. The file containing the password is not cleaned up after use, so other users with read access to the system can obtain the pkcs12 password.

Recommendations: Update to version 1.13.2 or later.
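The weakness described above, shown as an added example that is not pem's code or its fix: a secret written to a world-readable temporary file that is left behind, next to a hardened helper and an audit check for exposed files. All function names, file names and the sample password are constructed for illustration, and POSIX permission bits are assumed.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// "Before" pattern from the description: the secret lands in a temp file
// that group/others can read, and nothing ever removes it.
function writeSecretInsecure(dir, secret) {
  const file = path.join(dir, 'pkcs12-pass-' + process.pid + '.txt');
  fs.writeFileSync(file, secret);
  fs.chmodSync(file, 0o644); // explicit, so the demo does not depend on umask
  return file;               // caller never deletes it
}

// Hardened pattern: private directory (mkdtemp creates it 0700), file 0600,
// exclusive create, and removal in finally so errors do not leave it behind.
function withSecretFile(secret, fn) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'p12-'));
  const file = path.join(dir, 'pass');
  try {
    fs.writeFileSync(file, secret, { mode: 0o600, flag: 'wx' });
    return fn(file);
  } finally {
    fs.rmSync(dir, { recursive: true, force: true });
  }
}

// Audit check: regular files in `dir` that group or others can read.
function findExposedFiles(dir) {
  return fs.readdirSync(dir).filter((name) => {
    const st = fs.lstatSync(path.join(dir, name));
    return st.isFile() && (st.mode & 0o044) !== 0;
  });
}
```

Run findExposedFiles against a scratch directory rather than a shared temporary directory when trying this out, since most ordinary temp files are legitimately readable by others.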

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

GHSA-PGCR-7WM4-MCV6

Affected Products

Pem