6 matches found
CVE-2021-3840
A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index PyPi. MITRE classifies this weakness as...
Type confusion
A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index PyPi. MITRE classifies this weakness as...
PYSEC-2021-840
A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index PyPi. MITRE classifies this weakness as...
CVE-2021-3840
A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index PyPi. MITRE classifies this weakness as...
CVE-2021-3840
CVE-2021-3840 : A dependency confusion flaw in the Antilles open-source software prior to 1.0.1 could allow remote code execution during installation when a package listed in requirements.txt does not exist in PyPI. The issue is categorized as CWE-427 (Uncontrolled Search Path Element) where a pr...
Antilles Dependency Confusion Vulnerability
Potential Impact: Remote code execution. Scope of Impact: Open-source project specific. Summary Description: A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a packag...