55 matches found
SUSE-RU-2019:2505-1 Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner
This update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner fixes the following issues: python-pip was updated to 10.0.1...
Debian DLA-1819-1 : pyxdg security update
It was discovered that there was a code injection issue in PyXDG, a library used to locate 'FreeDesktop.org' configuration/cache/etc. directories. A lack of sanitisation allowed arbitrary Python code embedded in the Category element of a Menu XML document in a .menu file to be executed. For Debia...
Debian: Security Advisory (DLA-1819-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1819-1] pyxdg security update
Package : pyxdg Version : 0.25-4+deb8u1 CVE ID : CVE-2019-12761 Debian Bug : 930099 It was discovered that there was a code injection issue in PyXDG, a library used to locate "FreeDesktop.org" configuration/cache/etc. directories. A lack of sanitisation allowed arbitrary Python code embedded in t...
DLA-1819-1 pyxdg - security update
Bulletin has no description...
PyXDG Code Injection Vulnerability
PyXDG is a python library that accesses the freedesktop.org standard. A code injection vulnerability exists in PyXDG versions prior to 0.26, which can be exploited by an attacker to generate an illegal code segment that modifies the intended execution control flow of a networked system or compone...
caffeine-ng (>=3.3.1 <=3.3.6), openhub (>=0.0.10 <=0.0.204) +2 more potentially affected by CVE-2019-12761 via pyxdg (=0.25.0)
pyxdg PYPI version =0.25.0 is affected by a known vulnerability. The following packages have a transitive dependency on pyxdg and may be impacted: - caffeine-ng =3.3.1, =0.0.10, =0.0.2, =0.0.352 - rawdisk =0.2.1 Source cves: CVE-2019-12761 Source advisory: OSV:GHSA-R6V3-HPXJ-R8RV...
GHSA-R6V3-HPXJ-R8RV Code Injection in PyXDG
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
Code Injection in PyXDG
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
Code Injection
pyxdg is vulnerable to code injection. The vulnerability is due to lack of sanitization of xdg/Menu.py before an eval call, allowing an attacker to perform xdg.Menu.parse parsing within the directory containing this file by using a malicious python code via a Category element of a Menu XML docume...
CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
caffeine-ng (>=3.3.1 <=3.3.6), openhub (>=0.0.10 <=0.0.204) +2 more potentially affected by CVE-2019-12761 via pyxdg (=0.25.0)
pyxdg PYPI version =0.25.0 is affected by a known vulnerability. The following packages have a transitive dependency on pyxdg and may be impacted: - caffeine-ng =3.3.1, =0.0.10, =0.0.2, =0.0.352 - rawdisk =0.2.1 Source cves: CVE-2019-12761 Source advisory: OSV:PYSEC-2019-199...
Code injection
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
PYSEC-2019-199
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
UBUNTU-CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
PYSEC-2019-199
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...
CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...