CVE-2022-24302: In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. Please stabilize at least 2.10.1.
paramiko stable at 2.11.0
"Note: Please do not mark this bug as resolved after bumping or stabilizing. The Security Team will take care of that. Thanks."
Requires local access, very hard to exploit. No GLSA. All done!