CVE-2012-2690
virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.
Date published : 2012-06-29
http://www.securityfocus.com/bid/53932
https://www.redhat.com/archives/libguestfs/2012-May/msg00104.html