EUVD-2023-0292

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-49297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in...

Fedora: Security Advisory (FEDORA-2023-392085b92b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : PyDrive2 (2023-392085b92b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-392085b92b advisory. Automatic update for PyDrive2-1.18.0-1.fc40. Changelog Thu Dec 7 2023 Mikel Olasagasti Uranga - 1.18.0-1 - Update to 1.18.0 - Closes rhbz2253086 rhbz2253467...

PyDrive2 suffers from a deserialization command execution vulnerability

PyDrive2 is Iterative open source a google-api-python-client wrapper library . PyDrive2 has a deserialization command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...

[SECURITY] Fedora 38 Update: PyDrive2-1.18.0-1.fc38

Google Drive API Python wrapper library. Maintained fork of PyDrive...

Fedora: Security Advisory for PyDrive2 (FEDORA-2023-21d2191c73)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-8e70979de3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: PyDrive2-1.18.0-1.fc39

Google Drive API Python wrapper library. Maintained fork of PyDrive...

Fedora 39 : PyDrive2 (2023-8e70979de3)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8e70979de3 advisory. Update to 1.18 and security fix for CVE-2023-49297 Tenable has extracted the preceding description block directly from the Fedora security advisory...

Fedora 38 : PyDrive2 (2023-21d2191c73)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-21d2191c73 advisory. Update to 1.18 and security fix for CVE-2023-49297 Tenable has extracted the preceding description block directly from the Fedora security advisory...

Deserialization Of Untrusted Data

pydrive2 is vulnerable to Deserialization Of Untrusted Data. The vulnerability exists in LoadSettingsFile function at settings.py which can result in the loading of arbitrary YAML files, resulting in arbitrary code execution...

SUSE CVE-2023-49297

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution

Summary Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via LoadSettingsFile. Details The loader being imported from the yaml library is...

GHSA-V5F6-HJMF-9MC5 PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code execution

Summary Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, or if it is loaded in via LoadSettingsFile. Details The loader being imported from the yaml library is...

egdrive (=0.1.3), ersilia (>=0.1.0 <=0.1.1) +5 more potentially affected by CVE-2023-49297 via pydrive2 (>=1.14.0 <=1.15.4)

pydrive2 PYPI version =1.14.0, =0.1.0, =0.0.0, =1.0.0, =1.0.0, =0.0.1, =0.0.3 Source cves: CVE-2023-49297 Source advisory: OSV:GHSA-V5F6-HJMF-9MC5...

CVE-2023-49297

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

Directory traversal

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

CVE-2023-49297

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

PYSEC-2023-291

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...